Phishing-As-A-Service Drives Surge In Cybercrime For 2025
SecurityBrief, Thursday, June 12th, 2025
Barracuda Networks has released new details on the rising prevalence of Phishing-as-a-Service (PhaaS) attacks, the technologies underpinning them, and trends shaping cybercrime in 2025.
The company's analysis found that an estimated 60% to 70% of all phishing attacks observed since the beginning of 2025 have been delivered using PhaaS models. Of these, the Tycoon 2FA phishing kit emerged as the most popular, responsible for 76% of the detected incidents. EvilProxy accounted for 8%, while Mamba 2FA and Sneaky 2FA together made up 6%. The remaining 10% consisted of other kits such as LogoKit, CoGUI and FlowerStorm.