DrexCorman
Member
- Joined
- January 12, 2026
- Messages
- 7
- Reaction score
- 1
- Points
- 3
- Thread Author
- #1
This is my operational flow which follows a refined methodology developed through continuous improvement.
The first step deals with acquiring phone numbers through various means including data breaches, OSNIT gathering or purchasing leads from underground markets.
There are technical gaps in sender ID validation within both messaging platforms that can be easily exploited.
For iMessage, this involves creating temporary Apple IDs with impersonated display names, while RCS exploitation leverages carrier implementation inconsistencies in sender verification.
Message deliveries are done through automated platforms using VoIP numbers or compromised credentials, deployed in precisely timed multi-wave campaigns to maximize effectiveness.
The phishing links embedded in these messages implement sophisticated obfuscation techniques, including time-limited single-use URLs that expire or redirect based on device fingerprinting to evade security analysis.
The economics are strongly in my favour as a campaigner, as neither RCS nor iMessage messages incur per-message costs like traditional SMS, enabling high-volume campaigns at minimal operational expense.
IFYKYK =) (PHAAS)
Well-connected campaigners can use PHAAS panel’s template settings to create and customize phishing themes, which they can then distribute to a large number of dupes.
Before sending out a high volume of phishing links, the process involves creating and designing landing pages that dupes will encounter.
In the past campaigners used to rely on developers to make custom landing pages which took days or weeks to make, and would eventually be flagged easily. Those days are gone!!
Utilizing various landing and verification pages within the PHAAS infrastructure, the panel automatically generates a domain when a domain name is provided, creating an interface tailored to the selected phishing template.
When creating a template, users can customize the landing pages for their targeted domains, such as yobitchshit.com/xxx.
Additionally, the panel allows for dynamic adjustments based on the dupes IP address, enabling location-based targeting, device-specific focus (iOS or Android), and additional verification steps for users.
To enhance the targeted nature of campaigns and evade detection, measures can be implemented to block connections from IP addresses outside the targeted region or if dupes attempt to access the domain directly instead of clicking on a shortened URL. Payment pages are only displayed to dupes within the designated region.
The panel also allows the campaigners to enter details such as penalty amounts or fees that will be displayed to dupes.
Each user interaction with the phishing links is logged in real time in the PHAAS panel's access logs.
Campaigners using this can monitor victim activity in real-time through the Real-time section, tracking details such as the time of access, the device used, the phishing domain accessed, and whether the victim entered their information.
The first step deals with acquiring phone numbers through various means including data breaches, OSNIT gathering or purchasing leads from underground markets.
There are technical gaps in sender ID validation within both messaging platforms that can be easily exploited.
For iMessage, this involves creating temporary Apple IDs with impersonated display names, while RCS exploitation leverages carrier implementation inconsistencies in sender verification.
Message deliveries are done through automated platforms using VoIP numbers or compromised credentials, deployed in precisely timed multi-wave campaigns to maximize effectiveness.
The phishing links embedded in these messages implement sophisticated obfuscation techniques, including time-limited single-use URLs that expire or redirect based on device fingerprinting to evade security analysis.
The economics are strongly in my favour as a campaigner, as neither RCS nor iMessage messages incur per-message costs like traditional SMS, enabling high-volume campaigns at minimal operational expense.
IFYKYK =) (PHAAS)
Well-connected campaigners can use PHAAS panel’s template settings to create and customize phishing themes, which they can then distribute to a large number of dupes.
Before sending out a high volume of phishing links, the process involves creating and designing landing pages that dupes will encounter.
In the past campaigners used to rely on developers to make custom landing pages which took days or weeks to make, and would eventually be flagged easily. Those days are gone!!
Utilizing various landing and verification pages within the PHAAS infrastructure, the panel automatically generates a domain when a domain name is provided, creating an interface tailored to the selected phishing template.
When creating a template, users can customize the landing pages for their targeted domains, such as yobitchshit.com/xxx.
Additionally, the panel allows for dynamic adjustments based on the dupes IP address, enabling location-based targeting, device-specific focus (iOS or Android), and additional verification steps for users.
To enhance the targeted nature of campaigns and evade detection, measures can be implemented to block connections from IP addresses outside the targeted region or if dupes attempt to access the domain directly instead of clicking on a shortened URL. Payment pages are only displayed to dupes within the designated region.
The panel also allows the campaigners to enter details such as penalty amounts or fees that will be displayed to dupes.
Each user interaction with the phishing links is logged in real time in the PHAAS panel's access logs.
Campaigners using this can monitor victim activity in real-time through the Real-time section, tracking details such as the time of access, the device used, the phishing domain accessed, and whether the victim entered their information.
