The Tycoon2FA phishing-as-a-service (PhaaS) platform, which emerged in 2023, was recently disrupted by a coordinated law enforcement effort led by Europol, seizing 330 domains that were primarily used for its operations. This platform enabled cybercriminals to bypass multifactor authentication, making it a significant player in phishing activities. Prior to the disruption, Tycoon2FA was responsible for a large percentage of phishing attempts, reportedly sending over 30 million malicious emails in one month.