A phishing campaign targeting Arabic-speaking Snapchat users in the MENA region uses fake password reset pages to steal credentials and bypass two-factor authentication (2FA). Attackers utilize high-fidelity clones of the Snapchat login portal and real-time credential relay tactics to hijack user sessions and private data.
Security Notice: This spoofed page was logged, cross-checked, and neutralized firsthand by the
Antiphishing.bizsecurity team during our daily link moderation procedures. To protect the public, the phishing source domain has been completely disabled within our infrastructure. We document and analyze these live visual patterns to help security researchers and users spot lookalike phishing methods before financial damage occurs.
This case highlights a Real-Time Proxy Attack targeting Snapchat, where attackers use fake Arabic-language “Security Breach” notices to intercept user credentials and live 2FA codes, allowing immediate account takeover. The key security tip is the “Initiator” Rule: never enter a 2FA code on a page reached via a link; only provide codes on sites you accessed by manually typing the official URL.