PNC bank phishing page detected

Posted byAnti-phishing Leave a comment on PNC bank phishing page detected

Threat Analysis: PNC Bank Phishing – Fake “Online Banking” Login Page

This phishing campaign impersonates PNC Bank, one of the largest banks in the United States. The page mimics PNC’s online banking login interface to steal customers’ User ID and Password.

How it works:
The victim receives a phishing email, SMS, or other message claiming a security alert, account issue, or the need to verify their information. The message includes a link to this fake PNC login page. When the victim enters their User ID and Password and clicks “Sign In,” the credentials are captured and sent to the attacker.

The goal:
The attacker aims to steal the victim’s PNC online banking credentials. With these, they can log into the victim’s real bank account, view balances, transfer funds, pay bills, and commit fraud.

Red flags to watch for:

  • Suspicious URL: The page is hosted on a domain that is not pnc.com or any official PNC domain. Legitimate PNC online banking is accessed through the bank’s official website. Always check the address bar.
  • Unsolicited login request: PNC does not send emails or messages with links requiring customers to log in to resolve account issues. Customers should always access online banking by typing the URL directly or using the official PNC mobile app.
  • Minimal design: While the page includes the PNC logo and some text, it lacks the full navigation, security notices, and personalized elements present on the legitimate PNC login page. The layout is simpler than the real site.
  • No security image or phrase: Legitimate PNC login pages display a security image or phrase after entering the User ID as part of their fraud prevention measures. This page does not have that feature.
  • Generic footer: The footer includes copyright information and links, but these are copied from the real site and do not guarantee legitimacy.

What to do if you encounter this:

  • Do not enter your User ID, Password, or any other personal information on this page.
  • If you are a PNC customer, always access online banking by typing pnc.com directly into your browser or by using the official PNC mobile app.
  • If you have already entered your credentials, contact PNC immediately through their official customer service hotline to secure your account and change your password.
  • Report the phishing page to PNC’s fraud department (e.g., by forwarding the original message to [email protected] or using their official reporting channels).

Why this scam is effective:
PNC has millions of online banking customers across the United States. The page uses the PNC logo, the familiar “Online Banking” branding, and text copied from the legitimate website. The simple, clean design may appear credible to users who are not scrutinizing the URL. The inclusion of footer links and copyright information adds to the illusion of legitimacy.

Protective measures:

  • Bookmark the official PNC login page and use that bookmark to access online banking—never click links in emails or messages.
  • Use a password manager: It will autofill only on legitimate pnc.com domains, not on phishing sites.
  • Enable two-factor authentication (2FA) on your PNC account if available, to add an extra layer of protection.
  • Be suspicious of any unsolicited message that creates urgency and asks you to log in to your bank account.
  • Check the URL carefully: Legitimate PNC domains end with pnc.com. Look for misspellings, extra words, or unusual top-level domains.
  • If in doubt, contact PNC directly using a phone number from your bank statement or the official website—never use contact information provided in a suspicious message.

Leave a comment

Your email address will not be published. Required fields are marked *