From Deployment to Dollars: Automating the PHaaS Pipeline

Ben Coon

This talk examines an automated campaign from both administrator and operator perspectives, detailing how the underlying infrastructure is built, accessed, and managed. We outline the full lifecycle—from service purchase, to attack execution, to re-upping access for continued operations.

Attendees will learn why automated, service-driven phishing ecosystems now represent the baseline threat model, why early identification is critical before they scale, and which operational signals can be used to detect and disrupt them earlier in the attack lifecycle.

This session is designed for teams who want to punch back.