A phishing campaign targeting Grove Bank & Trust in Florida uses “system upgrade” pretexting to steal business and personal online banking credentials and MFA codes. The attack directs users to a high-fidelity clone of the real login portal to harvest sensitive data for unauthorized account access.



Grove Bank & Trust “Secure Access” Phishing
Target: Clients and Business Partners of Grove Bank & Trust (USA / Florida)
Threat Level: High (Business & Personal Account Hijacking)
Phishing Method Description
This attack targets the Online Banking users of Grove Bank & Trust. Scammers use a Security Compliance pretext, sending out “Urgent Security Alerts” or “Account Verification” emails. They claim that due to a “System Upgrade” or “Unusual Activity,” the user must log in through a provided “Secure Link” to confirm their identity.
The link leads to a high-fidelity clone of the bank’s official portal. The phishing kit is specifically designed to harvest:
Access IDs / Usernames
Passwords
Multi-Factor Authentication (MFA) Codes: The fake site prompts the victim for their SMS or email code in real time. The attacker immediately uses this code on the actual bank site to perform unauthorized transfers or change account settings.
Identity Data: Fragments of personal information used for security challenge questions.
⚠️ Red Flags to Watch For
The URL Discrepancy: The official domain is grovebanktrust.com. Phishing sites often use lookalike addresses such as grovebank-secure.online, login-grovebanktrust.net, or free hosting subdomains like grovebank.web.app.
Aggressive Urgency: Phrases like “Immediate action required to avoid account suspension” or “New security protocol must be accepted” are used to induce panic.
Requests for MFA during Login: If a site asks for an MFA code immediately after you enter your password on a page you reached via a link, it is a sign of a real-time interception (MitM) attack.
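The URL check described above can be automated when triaging a reported message. The following is an added example, not part of the original advisory: it extracts links from a constructed sample email and classifies each by its real hostname against the official domain. The function names, the `grovebank` brand token and the sample text are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "grovebanktrust.com"  # official domain named in the advisory
BRAND_TOKENS = ("grovebank",)           # assumption: brand string to look for in other hosts

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)


def classify_host(url: str) -> str:
    """Classify a URL as 'official', 'lookalike' or 'other' by its real hostname."""
    try:
        # .hostname drops any "user@" prefix and port, and lowercases the name.
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return "other"
    # Match the whole name or a dot-separated suffix, never a substring, so
    # the official name used as a label of another domain is not accepted.
    if host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN):
        return "official"
    # Brand text in a non-official host is the lookalike pattern; hyphens are
    # removed so hyphenated spellings of the brand also match.
    squashed = host.replace("-", "")
    if any(token in squashed for token in BRAND_TOKENS):
        return "lookalike"
    return "other"


def suspicious_links(message: str) -> list[tuple[str, str]]:
    """Return (url, verdict) for every link that is not on the official domain."""
    findings = []
    for url in URL_RE.findall(message):
        verdict = classify_host(url)
        if verdict != "official":
            findings.append((url, verdict))
    return findings


# Constructed sample message using the lookalike hosts listed in this advisory.
SAMPLE = """Urgent Security Alert: System Upgrade
Log in via the Secure Link: https://login-grovebanktrust.net/verify
Mirror: https://grovebank-secure.online/ or https://grovebank.web.app/login
Official site: https://www.grovebanktrust.com/
"""

if __name__ == "__main__":
    for url, verdict in suspicious_links(SAMPLE):
        print(f"{verdict:9} {url}")
```

A verdict of "other" still means the link is not on the bank's domain, so it is reported alongside the lookalikes.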
🛡️ How to Protect Yourself
The “Manual Entry” Rule: Always access your banking by typing grovebanktrust.com manually into your browser’s address bar. Never use links from unexpected emails or text messages.
Verify the Sender: Check the sender’s email address carefully. Official bank communications come from the bank’s own domain. Be wary of addresses like [email protected].
Use the Mobile App: Manage your accounts through the official Grove Bank & Trust Mobile Banking app. Authentic security alerts will be delivered inside the secure app environment.
Protect Your MFA: Never share your One-Time Passcode (OTP) with anyone. A bank will never ask you to “verify” your identity by providing an SMS code on a page reached through a link.
💡 Expert Security Tip:
This is a Corporate Credential Harvesting attempt. Scammers are acting as a “middleman” between you and the bank. Your MFA code is the final line of defense; if you enter it on a fake site, the hackers gain full access to your funds in seconds. Never trust a login page that appears after clicking a link in an email.
