In this episode of Fraudology, host Karisse Hendrick is joined by Frank McKenna, Chief Fraud Strategist at PointPredictive and the mind behind Frank on Fraud. Frank shares his latest deep dive into Starkiller, a sophisticated new phishing-as-a-service (PaaS) platform that emerged following the takedown of Tycoon 2FA.

The conversation explores the terrifying mechanics of Attacker-in-the-Middle (AITM) attacks, where fraudsters use "headless browsers" to mirror legitimate login sessions in real-time. Frank provides an inside look at how this tool allows criminals to capture not just credentials, but also two-factor authentication (2FA) codes and session cookies, enabling them to maintain access even after a user logs out.

We also explore the "hot topics" dominating the fraud landscape today:

1. ATO Without a Login Event: How marketplaces are seeing "good" users perform legitimate actions, only to have their payout information changed moments later within the same session.
2. The Democratization of Fraud: The professionalization of phishing kits on Telegram, which offer Netflix-style subscriptions and user-friendly dashboards for as little as $300 to $500 a month.
3. Detection Challenges: Why traditional device intelligence and cybersecurity tools struggle to flag these attacks because the victim is interacting with the real merchant website, not a clone.