Part 1 — Exploring a probable escalation of phishing-as-a-service, email collection, automated exfiltration, and corporate extortion

Introduction

With a potential decline in revenue from ransomware campaigns and compromised credentials being sold by initial access brokers, financially motivated threat actors may evaluate new methodologies, likely within established tools and processes, to increase the monetization of future campaign efforts.