CP
cyberpings
FraudHIGH

Phishing Kit Exposed: CoGUI Targets Japan's Major Brands

JPJPCERT/CCFeb 27, 2026
CoGUIFishingMasterphishingJapanPhaaS
🎯

Basically, a new phishing kit is tricking Japanese companies into giving away sensitive information.

Quick Summary

A new phishing kit called CoGUI is targeting major Japanese brands. This sophisticated platform poses a significant risk to sensitive information. Cybersecurity experts are investigating and developing defenses against these attacks. Stay informed to protect yourself!

What Happened

A significant threat has emerged in the form of the CoGUI phishing kit, which is targeting major Japanese brands across various sectors, including finance and government services. This phishing-as-a-service (PhaaS)? platform, known as FishingMaster, has been operating under the radar, making it difficult for organizations to defend against its tactics. The presentation at JSAC2026 revealed how this sophisticated service has evolved and the methods used to carry out these large-scale attacks.

The speakers, Shadow Liu, Lime Chen, and Albert Song, detailed the operational structure of CoGUI. They explained that the platform has been promoting its services through closed channels, contributing to its obscurity. By analyzing web scanner data and monitoring underground communities, the team was able to expose the infrastructure? and operational ecosystem behind CoGUI, shedding light on how these phishing? attacks are executed.

Interestingly, after some media coverage in 2025, the operators of CoGUI temporarily halted their activities but later rebranded themselves as NX and FA. This rebranding? was a strategic move to enhance their operational security? and continue their malicious activities without detection. The evolution of this phishing? kit highlights the ongoing battle between cybersecurity professionals and threat actors, emphasizing the need for vigilance in the digital landscape.

Why Should You Care

If you use online services, especially in Japan, you could be at risk. Phishing? attacks like CoGUI aim to trick individuals into revealing sensitive information, such as passwords and bank details. Imagine a stranger pretending to be your bank, asking for your account number. That's the essence of phishing.

These attacks can lead to identity theft, financial loss, and significant damage to your personal and professional life. If companies fall victim to these scams, it can also affect their customers, leading to a loss of trust. Staying informed about such threats is crucial for protecting your data and ensuring your online safety.

Be proactive! Understanding how phishing? works and recognizing the signs can help you avoid falling victim to these scams.

What's Being Done

Cybersecurity experts are actively investigating the CoGUI phishing? kit and its associated platforms. Here are some actions being taken:

  • Monitoring underground communities to gather intelligence on phishing? tactics.
  • Developing countermeasures to protect potential targets from falling victim.
  • Educating users about recognizing phishing? attempts and securing their accounts.

Experts are keeping a close eye on how these phishing? operations adapt and evolve, especially after rebranding? efforts. The ongoing analysis will help in developing more effective defenses against such threats in the future.

💡 Tap dotted terms for explanations

🔒 Pro insight: The CoGUI phishing kit's evolution demonstrates the adaptability of cybercriminals, necessitating continuous monitoring and rapid response strategies.

Original article from

JPCERT/CC

Read Full Article

Share

Related Pings

HIGHFraud

Phishing Kit Tycoon 2FA Dismantled in Global Takedown

A major phishing platform, Tycoon 2FA, has been shut down by law enforcement. This action protects countless users from potential account breaches. Stay aware of phishing tactics to keep your information safe.

Graham Cluley·Yesterday, 5:58 PM
HIGHFraud

North Korean APTs Leverage AI for Worker Scams

North Korean hackers are ramping up their scams using AI technology. Job seekers are particularly at risk, as these scams become harder to detect. Stay alert and verify job offers to protect yourself from potential fraud.

Dark Reading·Yesterday, 5:49 PM
HIGHFraud

Crypto Heist: $46M Stolen from US Marshals

A government contractor's son has been arrested for allegedly stealing $46 million in cryptocurrency from the US Marshals. This theft raises serious concerns about the security of digital assets. Stay informed to protect your own investments.

The Register Security·Yesterday, 12:02 PM
HIGHFraud

Ransomware Gangs Shift Tactics Amid Effective Backup Strategies

Ransomware gangs are changing tactics as businesses improve data protection. With BEC claims on the rise, the risk of identity theft increases. Stay vigilant and enhance your security measures now.

Help Net Security·Yesterday, 7:00 AM
HIGHFraud

Phishing Persists: Evolving Tactics Fool Employees Daily

Phishing tactics are evolving, making it harder for employees to spot scams. With techniques like QR phishing and lookalike domains, everyone is at risk. Stay informed and vigilant to protect your data!

Help Net Security·Yesterday, 6:30 AM
HIGHFraud

Fraudsters Target Companies with Fake TechCrunch Outreach

Scammers are impersonating TechCrunch staff to reach out to companies. This poses a risk of data breaches and financial loss. Stay vigilant and verify any suspicious outreach.

TechCrunch Security·Mar 5, 2026