A phishing campaign targeting La Poste customers in France uses “address confirmation” scams to harvest full credit card details and bypass 3D-Secure protections [1]. Attackers utilize SMS and emails prompting a small fee to lead victims to cloned sites, stealing credentials and real-time security codes.
This phishing campaign targeting BAC Credomatic users in Central America employs SMS and email threats to force victims to a fake “Banca en LΓnea” portal. The attack, which impersonates “Codigo BAC” synchronization, is designed for real-time hijacking of user credentials and 2FA tokens to perform unauthorized transactions.
Key Defense Information
- Method: Scammers act as a middleman to steal username, password, and the 6-digit security token (Codigo BAC) in real-time.
- Warning Signs: Urgent language threatening account suspension and links to deceptive, non-official domains (e.g., sucursal-bac-seguridad.com).
- Protection: Always manually type ://baccredomatic.com in the browser and never enter your security token on sites reached via links [1].
This BAC Credomatic phishing case demonstrates a real-time proxy attack where attackers act as a middleman to intercept 6-digit Codigo BAC security tokens in real time. By tricking users into entering this token, scammers authorize fraudulent transactions or register new devices immediately, highlighting that two-factor authentication can be bypassed if the user provides the code directly to the threat actor.