Winbuzzer explores the alarming rise in phishing schemes exploiting Cloudflare Pages and Workers, with incidents projected to grow by year-end. Zachary Travis, Threat Hunter II at Fortra, highlighted how cybercriminals leverage these platforms not only to host convincing phishing sites but also to automate attacks and evade detection, emphasizing the evolving sophistication of these threats.
Originally published in Winbuzzer.
Excerpt: “While an almost 200% increase in attacks being hosted on Cloudflare Pages is eye-opening on its own, the types of threats are what we really want to focus on. These platforms are not only being used to host convincing phishing sites, but also redirect to other malicious sites.
This additional layer of deception is critical to helping criminals evade detection. Additionally, they are being leveraged to host massive corporate email lists, sometimes numbering in the hundreds of thousands, fueling highly targeted phishing and spear phishing campaigns.”