Bankinter phishing page in Portuguese revealed

Bankinter Portugal “Security Alert” Phishing
Target: Bankinter Customers in Portugal
Threat Level: Critical (Real-time Account Takeover & SMS OTP Theft)
Phishing Method Description
This attack targets users of Bankinter Particulares (Online Banking). Scammers use a “Fraud Alert” pretext, sending smishing (SMS phishing) messages that claim an “unauthorized access” or “unusual purchase” has been detected. To “cancel” the transaction or “secure” the account, the user is pressured to click a link immediately.
The link leads to a high-fidelity clone of the Bankinter.pt portal. This sophisticated phishing kit is designed to harvest:
User ID / NIF (Número de Identificação Fiscal)
Access Password (Multichannel Key)
Mobile Phone Number
SMS One-Time Password (OTP): The fake site prompts the victim to enter the security code in real time. The attacker immediately uses this code on the actual Bankinter server to authorize a fraudulent wire transfer or to register their own device as the primary security key.
⚠️ Red Flags to Watch For
The Lookalike URL: The official domain is bankinter.pt. Phishing sites use deceptive addresses like seguranca-bankinter.online, verificar-acesso-bankinter.net, bankinter-portugal.com, or free subdomains like bankinter-login.web.app.
Urgent & Alarming Tone: Phrases like “Acceso no autorizado detectado” or “Bloqueo preventivo” are used to bypass critical thinking and force an impulsive click.
Link in SMS/Email: Bankinter officially states they will never include a clickable link in an SMS message regarding account security or “blocking” access.
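The lookalike-URL check above can be automated in a mail or SMS filter. The following is an added example, not code from this page or from Bankinter: the function names and sample messages are constructed, and the lookalike hosts are the ones listed above.

```python
import re
from urllib.parse import urlsplit

OFFICIAL = "bankinter.pt"  # official domain, as stated on this page
BRAND = "bankinter"
# Full URLs, or bare host[/path] tokens as they often appear in SMS text.
LINK_RE = re.compile(r"https?://\S+|\b[\w-]+(?:\.[\w-]+)+(?:/\S*)?", re.I)


def classify_link(url: str) -> str:
    """Return 'official', 'lookalike', 'unrelated' or 'invalid' (hypothetical helper)."""
    if "://" not in url:
        url = "http://" + url  # bare SMS links carry no scheme
    try:
        # .hostname drops userinfo and port, so "bankinter.pt@other.host"
        # is judged on other.host, the server actually contacted.
        host = (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:
        return "invalid"
    # Exact match or true subdomain only; a plain endswith("bankinter.pt")
    # would also accept a host such as "xbankinter.pt".
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    # Brand name anywhere in a link to a non-official host: lookalike.
    return "lookalike" if BRAND in url.lower() else "unrelated"


def scan_message(text: str) -> list[tuple[str, str]]:
    """Extract every link from a message and classify it."""
    links = (m.rstrip(".,;)") for m in LINK_RE.findall(text))
    return [(link, classify_link(link)) for link in links]


if __name__ == "__main__":
    # Constructed sample messages for illustration.
    samples = [
        "Bankinter: Acceso no autorizado detectado. Cancelar: seguranca-bankinter.online/c",
        "Bloqueo preventivo. Verifique: https://bankinter-login.web.app/login",
        "Aviso: https://www.bankinter.pt@example.net/x",
    ]
    for sms in samples:
        print(scan_message(sms))
```

An "official" verdict only means the host is correct; since Bankinter states it never puts a clickable link in a security SMS, any link in such a message is still handled with the manual-entry rule.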
💡 Expert Security Tip: The “Cancellation” Deception
The Method:
This case highlights a social engineering trick known as the “Cancellation Scam.” Scammers create a fake “security threat” to make you panic.
The Trap:
When you enter an SMS OTP on a fake site to “cancel a fraudulent transaction,” you are actually doing the exact opposite. Because the attacker is logged into your real account in the background, they have just triggered a new fraudulent transfer. The code you just entered is the final digital signature they need to move your money out of the bank.
How to Protect Yourself:
OTP is for Authorization ONLY: A real bank will never ask you to enter an SMS code to cancel or block something. SMS codes are strictly for authorizing actions you started yourself.
The “Manual Entry” Rule: If you receive a security alert via SMS, ignore the link. Open your browser and manually type www.bankinter.pt to log in safely.
Read the SMS Content: Carefully read the text accompanying the code. If it says “Code to authorize a transfer of 1,000 €” but you are trying to “secure your account,” it is 100% a scam.
