Don’t take the bait!

May 15 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that chants #ChaChaCha at cybercrime’s Loreen ???? #Eurovision #FinlandFTW #StopTheSteal

Today’s hottest cyber security stories:

  • Don’t take the bait! Introducing PasS (Phishing-as-a-Service) named ‘Greatness’ ????
  • Toyota made 2 million customer car locations public… For TEN YEARS! ????
  • Did you know? 47% of all internet traffic came from bots in 2022 ????


We’ve written about various MaaS (Malware-as-a-Service) ‘products’ before here at Gone Phishing but this is the first time we’ve come across the term PaaS, or PhaaS (Phishing-as-a-Service).

As far as we can tell, it’s not especially different apart from the fact that this particular product, which can be bought on, you guessed it, the infamous dark web, it’s named ‘Greatness’ and, frankly, seems destined to fulfil its namesake in the criminal world.

So, what is it? Well, for now it’s primary operation is mimicking, with scary accuracy, Microsoft’s Office 365.

Indeed, as Cisco Talos researcher Tiago Pereira explains: “Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment and link builder that creates highly convincing decoy and login pages.

“It contains features such as having the victim’s email address pre-filled and displaying their appropriate company logo and background image, extracted from the target organisation’s real Microsoft 365 login page”, he continues.

These phishing kits are especially worrying because what they offer is a scam starter pack, if you will, for would-be ‘phishermen’. Gone are the days when you had to actually be tech savvy, or even intelligent, albeit in a dishonest way, to effectively separate victims from their hard-earned cash.

These PaaS kits, with Greatness seemingly at the forefront, are ushering in a new era of one size fits all scamming.

Think of them like a Fisher Price ‘My first scam’ product. And, believe me, when a certain type of person discovers that, for a relatively small amount of money, they can become the architect of their very own scamming campaign, they won’t hesitate to transfer that crypto, and get to work.

So, be aware, people. These phishing scams get more convincing by the day, so check the sender, check the spelling, do some googling and don’t get socially engineered into giving away your personal information and ending up in a scammers phishing net.

Don’t say we didn’t warn you!


Ever heard the expression: “a day late and a dollar short”? Well, in Toyota’s case it was a decade late and a basic privacy setting short. Facepalm.

The Japanese motoring giant has just disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023.

You’ve no-doubt heard of corporations and organisations who really should know better using passwords like, well, ‘password’ and ‘Hello123’. Toyota did you one better and, in this case, a database misconfiguration allowed anyone to access its contents without a password at all. D’oh!

So, what information was exposed? Well, in our opinion the most alarming part of the ‘oversight’, to put it mildly, was the actual live locations of customers’ cars along with time data. I mean, if this were to fall into the wrong hands?!

Toyota be kidding me, right? Nope, you read that right, folks.

The information exposed in the misconfigured database included:

  • The in-vehicle GPS navigation terminal ID number
  • The chassis number
  • Vehicle location information with time data ????????????

While there is no evidence that the data was misused, unauthorised users could have accessed the historical data and possibly the real-time location of 2.15 million Toyota cars.

Goes to show you, folks, you can spend millions on cybersecurity, but often it’s the stupidest most school boy of errors that leaves you vulnerable to attacks.

DO sweat the small stuff!


So yeah, a new report just casually revealed the fact that nearly HALF of all internet traffic is bots like it was no biggy. We do this all day, every day and even we had to do a double-take on that one.

The 2023 Imperva Bad Bot Report reveals that in 2022, 47.4% of all internet traffic came from bots, a 5.1% increase over the previous year. The same report showed that human traffic, at 52.6%, decreased to its lowest level in eight years.

Although this isn’t directly related to cybercrime, we feel it paints an eye-opening picture of who (or what!) you’re dealing with when you surf the web these days.

We miss the days when bots were just the extra computer players you could introduce when you were playing multiplayer Goldeneye on Nintendo 64.

Those who know, know ???? As always, stay safe out there and don’t let the scammers take the phish!

So long and thanks for reading all the phish!

Recent articles