A sophisticated phishing campaign targeting Argenta Bank customers in Belgium and the Netherlands utilizes fraudulent “Digipass synchronization” to perform real-time session hijacking and fund theft. Attackers use phishing sites to harvest login credentials and security codes, prompting users with fake urgent security alerts to bypass two-factor authentication.
Threat Intel: This spoofed page was intercepted, verified, and locked down firsthand by the
Antiphishing.bizsecurity team during our daily link moderation procedures. To protect the public, the dangerous destination URL has been fully defanged within our infrastructure. We document and analyze these live visual patterns to help security researchers and users spot lookalike phishing methods before financial damage occurs.
Argenta Bank “New Debit Card” Phishing
Target: Customers of Argenta Bank (Belgium and the Netherlands)
Threat Level: Critical (Physical Card Replacement & Account Takeover)
Phishing Method Description
This attack uses a “Card Expiration” pretext. Victims receive a Phishing Email or SMS (Smishing) claiming that their current bank card is outdated or no longer compliant with new security standards. To “request a new card for free,” the victim is pressured to click a link.
The link leads to a professional clone of the Argenta “Argenta Bankieren” portal. This sophisticated phishing kit is designed to harvest:
Log-in Credentials (User ID and Password)
Full Debit Card Details (Card Number and Expiry)
Phone Number
Security Signatures (Digipass codes): The fake site prompts the victim to use their physical Digipass (token reader) and enter the generated codes in real-time. This allows the attacker to authorize a new device or a large fraudulent transfer immediately.
Red Flags to Watch For
Deceptive Domain: The official domain is
argenta.be. Phishing sites use lookalikes such as argenta-veiligheid.online, nieuw-kaart-argenta.net, secure-argenta.com, or free subdomains like argenta-login.web.app.Urgent Card Replacement: Argenta will never send you a link via SMS or email to “order” a new card. New cards are usually sent automatically or managed via the secure internal mailbox.
Requesting Digipass Codes for “Updates”: Your Digipass is for authorizing your transactions only. If a site asks for a Digipass code to “verify your identity” or “apply for a card,” it is a scam.
How to Protect Yourself
Use the Argenta App: Perform all your banking and card management through the official Argenta App. It is much more secure than the web portal reached via external links.
The “No Link” Rule: Argenta explicitly states they will never include a direct link to a login page in an SMS or email. Always type the address manually into your browser.
Check the Language: While the phishing pages are often well-translated into Dutch/French, look for subtle errors or font inconsistencies compared to the official site.
Reporting: You can report Argenta phishing by forwarding suspicious emails to fraude@
argenta.be.
Expert Security Tip:
This is a Card Replacement Scam. Scammers want you to think you are getting a “new, safer card,” but they are actually stealing the Digipass signatures needed to empty your current account. Never use your Digipass reader on a website you reached via a link.