Adversary-in-the-Middle (AiTM) phishing attacks have evolved from niche exploits to scalable, SaaS-based crime tools. By bypassing MFA, these services enable attackers to gain access with minimal effort. Now, Dutch cybercriminals are mimicking this model: packaging banking fraud kits as subscription-based services. This talk highlights how the professionalization of phishing is lowering the barrier to entry for attackers, increasing the impact on Dutch users and platforms. We’ll cover real-world AiTM detection data, the economics of fraud-as-a-service, and how organizations can respond.
