• About us
  • Contact us
Friday, July 10, 2026
No 1 epaper in Sri Lanka
  • News
  • Politics
  • Sports
  • Foreign
  • Entertainment
  • Business
  • Political Analysis
  • Inside Politics
  • EPAPERPDF
  • සිංහලSINHALA
No Result
View All Result
  • News
  • Politics
  • Sports
  • Foreign
  • Entertainment
  • Business
  • Political Analysis
  • Inside Politics
  • EPAPERPDF
  • සිංහලSINHALA
No Result
View All Result
Mawratanews.lk | Sri Lanka Latest Sinhala News and Headlines
No Result
View All Result
Home Business

Kaspersky has discovered a new corporate phishing technique using a popular AI web development platform

June 18, 2026
in Business
Reading Time: 13 mins read
A A
Kaspersky has discovered a new corporate phishing technique using a popular AI web development platform
Share on FacebookShare on Twitter

Kaspersky has discovered that attackers have begun exploiting another legitimate service for malicious purposes – this time it is Tencent EdgeOne Pages, a platform for creating and hosting web applications. Attackers are misusing its capabilities to generate phishing emails targeting corporate users. Previously, Kaspersky described similar attacks leveraging Google services and web applications generated by Bubble, an AI-powered app builder, to hunt for corporate credentials.

Employees across multiple industries, including the industrial sector, sales, and government, are among the targets. The goal of the attack is to steal login credentials for corporate resources. Over the past 30 days, the company’s experts have detected more than 8,000 phishing emails using this tactic, including messages in English, Korean, and Russian.

The Tencent EdgeOne Pages service is positioned as a platform for quickly creating and deploying web applications using AI. Scammers misuse it to generate and publish phishing pages in minutes with virtually no web development skills.

Attackers host phishing pages on EdgeOne’s legitimate cloud infrastructure and use trusted domains. As a result, such sites appear to be established and secure to many protective solutions, complicating the detection of such attacks.

The user receives an email from the alleged “corporate email support team”. The message states that the account login credentials will expire in 48 hours, and that failure to update them may result in problems receiving or sending emails. To avoid restrictions, the user is prompted to click a link and enter relevant information. Phishing emails are not limited to this narrative, and could deliver any corporate message, such as a message from the HR department or a notification of a received document that should be downloaded.

Clicking the link in the email opens a page with a form for entering the victim’s name, email address, and password. It is a simple design, with virtually no additional elements. After the user enters their login and password, the data is transferred to a server controlled by the attackers.

“We are seeing a continuation of the trend in which attackers use AI and no-code platforms as part of their phishing infrastructure. We’ve previously observed a similar scheme using the Bubble platform, and here we have yet another example. While the communication used in these phishing attacks is typical and has been used multiple times before, the attack technique itself significantly lowers the barrier to entry for attackers and accelerates the creation of phishing resources. Previously, this required at least basic web development skills, but now an infrastructure for fraudulent emails can be created in minutes,” comments Roman Dedenok, Anti-Spam Expert at Kaspersky.

To be protected, Kaspersky recommends: Educate employees so that they understand that corporate credentials should only be entered on verified, official company platforms. Deploy robust security solutions to block access to known and suspicious phishing destinations. Implement advanced anti-phishing technologies at the email gateway to reduce exposure to malicious messages. Stay updated on evolving attacker techniques and integrate threat intelligence into security operations.

Photo Caption: A page that was set up by the attackers to collect credentials

    Share51Tweet32Send
    Previous Post

    Gestetner of Ceylon and MAXHUB Unite to Bring World-Class Collaborative Technology to Sri Lanka

    Next Post

    Union Assurance Honours Top Life Lead Performers at the Sampath Bank Life Leads Annual Awards 2025

    MORE NEWS

    Saudi Fund for Development and Sri Lanka Inaugurate Faculty of Medicine at Sabaragamuwa University
    Business

    Saudi Fund for Development and Sri Lanka Inaugurate Faculty of Medicine at Sabaragamuwa University

    July 8, 2026
    Asia Asset Finance PLC Strengthens Reach with New Branch Expansion Drive
    Business

    Asia Asset Finance PLC Strengthens Reach with New Branch Expansion Drive

    July 8, 2026
    Pepsi Street Kala 2.0 showcased Sri Lankan art, music, and food, uniting audiences in colourful cultural celebration
    Business

    Pepsi Street Kala 2.0 showcased Sri Lankan art, music, and food, uniting audiences in colourful cultural celebration

    July 8, 2026
    HNB Life Signs MOU with GMOA to Extend Exclusive Benefits to Members
    Business

    HNB Life Signs MOU with GMOA to Extend Exclusive Benefits to Members

    July 8, 2026
    Prime Group crowned Sri Lanka’s ‘Most Loved and Trusted’ real estate brand by LMD
    Business

    Prime Group crowned Sri Lanka’s ‘Most Loved and Trusted’ real estate brand by LMD

    July 8, 2026
    Emirates to double its A350 operations in Colombo from August
    Business

    Emirates to double its A350 operations in Colombo from August

    July 8, 2026
    Load More

    One of the best Sri Lanka Latest News Website and Sinhala language newspaper with Sunday editions, published by Free Media Independent Networks Pvt Ltd.

    • About us
    • Contact us

    Copyright © 2019–2025 Free Media Independent Networks Pvt Ltd. All Rights Reserved. Developed by Turn Global.

    No Result
    View All Result
    • News
    • Politics
    • Sports
    • Foreign
    • Entertainment
    • Business
    • Political Analysis
    • Inside Politics
    • EPAPER
    • සිංහල

    Copyright © 2019–2025 Free Media Independent Networks Pvt Ltd. All Rights Reserved. Developed by Turn Global.