

Kapital Bank Phishing – Fake Transfer Confirmation & Card Harvesting
This phishing campaign impersonates Kapital Bank, one of the largest banks in Azerbaijan. The scam is presented in two steps:
A fake transfer confirmation page claiming money is ready to be received
A payment/card details harvesting page
How it works:
The victim likely receives a phishing email, SMS, or social media message claiming someone has sent them money or that they have a pending transfer. The link leads to the first phishing page.
Step 1 – The Fake Transfer Page (First Screenshot)
This page displays:
A claimed transfer amount: 450 AZN (Azerbaijani manat)
Sender information: “Göndaran” (Sender) field is blank
Limit: 100,000 AZN
Fee details: 1% service fee, net amount 445.50 AZN
A “Davam et” (Continue) button
The page mimics Kapital Bank’s interface to appear legitimate. The victim is told they are receiving money and must continue to claim it.
Step 2 – The Card Details Harvesting Page (Second Screenshot)
After clicking “Continue,” the victim is taken to this page, which requests:
Card number (placeholder shows 0000 0000 0000 0000)
Cardholder name (placeholder shows XXXX XXXX)
Expiry date (month/year)
CVV (three-digit code)
Phone number (with +994 country code for Azerbaijan)
The page also includes Visa branding and a checkbox with text in Azerbaijani (“Odənişləri təhlükəsiz et” – “Make payments secure”) to create a false sense of security.
The goal:
The attacker aims to steal complete credit or debit card details along with the victim’s phone number. With this information, they can make unauthorized transactions, link the card to digital wallets, or sell the data. There is no actual transfer of 450 AZN—the entire offer is fabricated.
Red flags to watch for:
No login required: The page asks for card details without any login. Receiving funds never requires the recipient to input their card information.
Suspicious URL: Both pages are hosted on domains that are not kapitalbank.az (Kapital Bank’s official domain).
Missing sender information: The “Göndaran” (Sender) field is empty, yet a transfer is allegedly pending—this is unrealistic for a legitimate banking notification.
Typo in second page header: The second page says “Kapitel Bank” instead of “Kapital Bank,” a misspelling that is a clear indicator of a fake page.
Unnecessary card request: To claim a transfer, a legitimate bank would either deposit funds automatically or require login credentials—never a full card number, CVV, and phone number.
Generic placeholders: The form uses “XXXX XXXX” and “000” as placeholders, which is not standard for a legitimate banking portal.
Vague fee explanation: A fee is stated, but the page gives no context for why a fee would apply to receiving money, which is suspicious.
What to do if you encounter this:
Do not click “Davam et” (Continue) or enter any card or personal information.
If you are a Kapital Bank customer, always type the official bank URL (kapitalbank.az) directly into your browser or use the official mobile app.
Never provide your card details, CVV, or phone number in response to a link claiming you are receiving money.
Report the phishing page to Kapital Bank’s fraud department and to local authorities.
Why this scam is effective:
The promise of receiving money (450 AZN) creates a sense of opportunity. Victims may believe they need to “verify” their card or “activate” the transfer by entering their details. Scammers often distribute these links via SMS or messaging apps, claiming a friend or family member sent money. Because the page mimics Kapital Bank’s branding and includes Azerbaijani language, local users may lower their guard.
Protective measures:
Never enter card details to receive money through any bank or payment service
Always access banking services by typing the official URL or using the official app
Be suspicious of unsolicited messages about unexpected money transfers
Check the URL carefully—phishing domains often differ by one letter or use unusual extensions
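The URL check described above can be automated for links arriving by SMS, email or chat. The following Python sketch is an added example, not part of the original write-up or any Kapital Bank tooling: it treats only kapitalbank.az and its subdomains as official and flags hosts that embed the brand name or sit within a small edit distance of it. The function names, the edit-distance threshold and the sample links are assumptions made for illustration.

```python
from urllib.parse import urlsplit

OFFICIAL = "kapitalbank.az"       # official domain named in this write-up
BRAND = OFFICIAL.split(".")[0]    # "kapitalbank"
MAX_EDITS = 2                     # assumed threshold for "differs by a letter or two"

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url: str) -> str:
    """Return 'official', 'lookalike', 'unrelated' or 'invalid' for a link."""
    try:
        # Links pasted without a scheme still need a netloc to parse a host.
        parts = urlsplit(url if "://" in url else "//" + url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    # Only the exact domain or a true subdomain of it counts as official;
    # "kapitalbank.az.something.example" does not.
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    for label in host.split("."):
        # Compare the label, its hyphen-free form and its hyphen-separated parts.
        for cand in {label, label.replace("-", ""), *label.split("-")}:
            if BRAND in cand or edit_distance(cand, BRAND) <= MAX_EDITS:
                return "lookalike"
    return "unrelated"

# Constructed sample links on reserved .example names, not taken from the campaign.
SAMPLES = [
    "https://www.kapitalbank.az/transfer",
    "http://kapitelbank.example/pay",
    "https://kapitalbank.az.claim.example/davam",
    "news.example/article",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify(link):10} {link}")
```

A "lookalike" result is a signal to block or escalate the link; an "unrelated" result says nothing about safety, only that the host does not imitate the bank's name.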
