From mandiant.com
![Hacker staring at numerous screens](https://www.bleepstatic.com/content/hl-images/2022/10/09/hacker-looking-at-screens.jpg)
While investigating phishing activity targeting Mandiant Managed Defense customers in March 2022, Managed Defense analysts discovered malicious actors using a shared Phishing-as-a-Service (PhaaS) platform called “Caffeine”. This platform has an intuitive interface and comes at a relatively low cost while providing a multitude of features and tools to its criminal clients to orchestrate and automate core elements of their phishing campaigns. These features include (but are not limited to) self-service mechanisms to craft customized phishing kits, manage intermediary redirect pages and final-stage lure pages, dynamically generate URLs for hosted malicious payloads, and track campaign email activity.