A phishing campaign targeting Lead Bank business customers uses fraudulent “unauthorized login” alerts to drive victims to a spoofed portal designed to steal credentials, personal information, and 2FA codes. The attack creates a sense of urgency to trick users into entering sensitive data on a site with a misleading domain. To protect against this threat, …
Monthly Archives: November 2025
Banque Nationale phishing page detected
A phishing campaign targeting National Bank of Canada (Banque Nationale) clients uses fake “Interac e-Transfer” notifications to steal login credentials, security questions, and OTPs. The fraudulent pages, often mimicking the official BNC portal, are designed to capture data from users in Canada and Quebec. To protect against this threat, users are advised to enable Interac …
Fake Ditchit card verification page detected
The fake DitchIt card verification scam is a high-level phishing threat targeting users on classified marketplaces, utilizing fake, secure-looking checkout pages to steal full credit card details and cardholder information. This fraud technique often involves directing users off-platform, requesting balance verification, and harvesting data to drain user accounts. Target: Users of DitchIt (Marketplace & Resale …
Continue reading “Fake Ditchit card verification page detected”
Bank of America fake page detected
A sophisticated Bank of America phishing campaign is active, using fake “account lock” alerts to steal online credentials, Social Security numbers, and OTP codes. The attack utilizes pixel-perfect clones of the Bank of America portal, often combined with telephone spoofing, to harvest full financial access. Users should avoid clicking links in alerts and instead navigate …
Fibank (Bulgaria) phishing page detected
A phishing campaign targeting First Investment Bank (Fibank) in Bulgaria uses a fake “digital certificate update” to steal user credentials and one-time passwords (OTP). Scammers employ a “security scare” tactic, directing victims to a lookalike login portal that harvests login IDs, passwords, and OTPs for real-time account takeover. Target: Customers of First Investment Bank (Fibank …
TymeBank phishing page detected
TymeBank phishing campaigns target South African customers through SMS and email alerts claiming account suspension, directing victims to a fake portal designed to steal ID numbers, PINs, and real-time OTPs. These attacks exploit the bank’s digital-only model, urging users to use official applications and ignore suspicious links. Target: Customers of TymeBank (South Africa)Threat Level: High …