Rising Phishing Campaigns Linked To Dreamflow.app

SaaS platforms have become a primary vector for phishing attacks, with attackers increasingly exploiting cloud-based services as both targets and launch platforms.

Cybersecurity researchers are now warning organisations to remain alert after identifying a growing number of phishing campaigns leveraging the automation platform Dreamflow.app, where threat actors are increasingly using the platform to launch email-based attacks. (Phishing)

According to security analysts monitoring recent campaigns, attackers are exploiting workflow automation tools hosted on the platform to generate convincing phishing emails, automate delivery at scale.

Investigations show that phishing messages tied to the platform often impersonate trusted brands, cloud-service notifications, or invoice alerts, directing recipients to credential-harvesting pages that closely replicate legitimate login portals.

Because the infrastructure is built on a legitimate automation service, many of the emails initially bypass reputation-based detection systems, increasing the likelihood that users will interact with them.

Security experts say the rise in Dreamflow-linked campaigns highlights an ongoing shift in the phishing landscape, where attackers increasingly rely on legitimate SaaS platforms rather than dedicated malicious infrastructure.

Researchers note that while the platform itself is not inherently malicious, the growing misuse of legitimate automation tools underscores the need for closer monitoring of how cloud-based workflow services are being weaponised in modern cybercrime campaigns.

SaaS and webmail platforms were the most targeted sector for phishing in the first quarter of 2025, accounting for about 17.6% to 17.7% of all attacks.

Data from the Anti-Phishing Working Group (APWG) logged 1,003,924 unique phishing attacks against the SaaS/webmail category in Q1, with criminals frequently chasing “master key” logins for services such as Microsoft 365 and Google Workspace.

Security analysts say the surge is being accelerated by phishing-as-a-service kits, which let attackers quickly clone trusted brands — particularly Microsoft — and scale campaigns with high accuracy.

Tech Business News

Rising Phishing Campaigns Linked To Dreamflow.app

Cybersecurity researchers say they’re now seeing a rising number of email phishing campaigns leveraging Dreamflow.app’s automation workflows, prompting fresh warnings for organisations to stay on alert.

Leave a Reply Cancel reply

Tech Articles

Australia’s Heavy Vehicle EV Charging Market: A Critical Infrastructure Gap Being Filled

Why AI Is Forcing Developers To Abandon Untyped Code

Why Hyperfast NBN Plans Won’t Benefit Most Australian Homes: The Equipment Bottleneck

Recent News

Your Backups Might Be Your Greatest Weakness

Free Cybersecurity Toolkit For Australian Small Businesses To Keep Them Cyber Safe

Cisco urges customers to patch vulnerabilities discovered in its RV series routers.

Passkeys Are Gaining Ground, But Yubico Urges Security Leaders To Step Up

Tech Business News

In 2026, technology news is shaping business outcomes faster than ever—driven by AI adoption, rising cyber risk, cloud modernisation, data regulation, and constant platform change.

Tech News keeps Australian organisations and industry professionals informed with timely reporting and practical coverage across AI, cybersecurity, cloud, enterprise IT, startups, science, people and business, plus major world and local news impacting the tech sector.

Tech Business News publishes news and analysis designed to be clear, relevant, and easy to act on. It supports the industry with technology news reports, whitepaper publishing services, and a range of media, advertising and publishing options

About

Contact

Tech News