A phishing campaign targeting French telecommunications provider SFR uses fraudulent emails and SMS to trick customers into entering personal and credit card details on fake “Espace Client” login pages. The attack, designed to harvest banking credentials and 3D-secure codes through fake payment or refund notices, highlights a growing utility billing scam tactic. SFR “Refund / …
Monthly Archives: March 2024
Banca Intesa phishing page detected
A phishing campaign targeting Banca Intesa Beograd customers uses fraudulent SMS and email messages to harvest login credentials and real-time SMS OTPs via a spoofed login page. This Man-in-the-Middle attack aims to steal credentials for the Banca Intesa Mobi app, with fake links often leading to lookalike domains rather than the official bancaintesa.rs site. This …
BAC Credomatic phishing page detected
A sophisticated phishing campaign targeting BAC Credomatic customers uses “Token Synchronization” to steal credentials and real-time OTP codes via fake banking portals, often distributed through Smishing or email. The attackers use high-fidelity clones of the bank’s portal to trick users into entering their username, password, and Código BAC, aiming to bypass multi-factor authentication for fraudulent …
La poste phishing page detected
A phishing campaign targeting La Poste customers in France uses “address confirmation” scams to harvest full credit card details and bypass 3D-Secure protections [1]. Attackers utilize SMS and emails prompting a small fee to lead victims to cloned sites, stealing credentials and real-time security codes. This phishing campaign targeting BAC Credomatic users in Central America …