A phishing campaign targeting Banco Sabadell users in Spain employs SMS and email, mimicking a security update to steal credentials and Digital Signature (Firma Digital) codes. The attack uses lookalike domains, such as sabadell-online-seguridad.net or acceso-bancosabadell.com, to redirect victims to a Man-in-the-Middle site designed to harvest login data and authorize fraudulent transfers in real-time.
A Sabadell Bank phishing campaign uses SMS-based social engineering to falsely warn customers of a blocked account, directing them to a fake, pixel-perfect site designed to steal login credentials and digital signatures in real-time. This sophisticated scam tricks users into entering their app-generated security codes to authorize unauthorized wire transfers. Users are advised to avoid clicking links in SMS messages and only use official app channels.
This Banco Sabadell phishing case highlights a real-time Man-in-the-Middle attack, where criminals use urgent smishing tactics to steal credentials and SMS OTP codes instantly to authorize fraudulent transactions. Users must understand that SMS security codes are used for authorizing transactions, not for logging in, and that banks never send login links via text. To protect accounts, always log in manually via the official website and carefully read the purpose of every SMS code before entering it.