When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Usually, the crooks were going for organizations in financial services, banking, and technology.
Attackers abuse Webflow in two ways, Netskopes researchers claim.
Creating standalone phishing pages and using Webflow pages to redirect victims to phishing pages hosted elsewhere.
The latter, on the other hand, provides more flexibility and allows for more complex attacks.
Webflow also provided custom publicly accessible subdomains without additional cost, which the crooks happily used.
What makes the phishing sites easy to spot is the way they mimic legitimate pages.
Some pages simply redirected people from this image to the actual phishing page hosted elsewhere.
