Crime-as-a-Service (CaaS) is the practice of experienced cybercriminals selling access to the tools and knowledge needed to execute cybercrime ‘ in particular, it’s often used to create phishing attacks. By removing many barriers to entry, this trend has made it easy to craft an effective phishing attack. Phishing attacks executed using CaaS tools are designed to exploit employees, which makes them harder for organizations to mitigate. With attackers able to execute a high volume of technically sophisticated attacks, the threat to organizations is clear.
Source: https://www.helpnetsecurity.com/2021/08/03/crime-as-a-service/