EvilTokens: an AI-augmented Phishing-as-a-Service for automating BEC fraud – Part 2

EvilTokens is a commercially-offered Phishing-as-a-Service that uses Microsoft device-code phishing to harvest access and refresh tokens, providing affiliates with a centralized admin panel, a built-in webmail interface, token weaponisation (including PRTs), and an AI-driven pipeline that analyzes stolen mailboxes and generates tailored BEC emails to scale fraud operations.