Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Phishing-as-a-Service PhaaS

Training Camp • Cybersecurity Glossary

What is Phishing-as-a-Service PhaaS?

Phishing-as-a-Service PhaaS rents ready-made phishing kits and infrastructure, lowering the bar for campaigns and often bypassing MFA via AiTM.

Glossary > Threats, Malware & Attacks > Phishing-as-a-Service PhaaS

Understanding Phishing-as-a-Service PhaaS

Phishing-as-a-Service PhaaS is a cybercrime business model in which operators sell or rent ready-made phishing kits, hosting, templates, and adversary-in-the-middle infrastructure to subscribers, lowering the technical barrier to launching campaigns. Modern PhaaS platforms such as those offering reverse-proxy phishing can capture credentials and session cookies to bypass multi-factor authentication, sometimes packaged as turnkey subscription services.

Learn More About Phishing-as-a-Service PhaaS:

Ready to Get Certified?

Phishing-as-a-Service PhaaS is one of the topics you'll master in the Security+ Boot Camp.

Security+ Boot Camp →