Catching a phish with many faces

Here’s a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly

09 May 2025 • , 4 min. read

Phishing remains a particularly stubborn threat in the cybersecurity landscape. It sticks around partly because even though the bad guys are always after the same prize – people’s login credentials and other sensitive information – they never cease to evolve and adapt their tactics.

One technique that has gained traction in recent years is the use of dynamically generated phishing pages. Using dedicated phishing-as-a-service (PhaaS) toolkits, attackers can spin up authentic-looking phishing pages on the spot, all while customizing them for whoever they’re targeting.

Instead of laboriously cloning a target website, even less tech-savvy attackers can get the toolkits to do the heavy lifting for them – and in real time and on a mass scale at that. One well-known ...