The Scotiabank phishing campaign observed in early 2026 utilizes fake account verification alerts, leveraging fraudulent emails or SMS to direct users to a professionally designed, deceptive login page. Attackers aim to capture ScotiaCard numbers, passwords, and secondary verification data to gain unauthorized access to accounts.
Monthly Archives: January 2026
ING Home’Bank phishing page revealed
Target: ING Bank Customers (Europe/Romania/Poland)Threat Level: Critical (Session Hijacking)Phishing Method DescriptionThis method focuses on Device Authorization Theft. The phishing page mimics the ING “HomeBank” interface, often using a “Synchronize your security device” or “Update HomeBank app” pretext.The attacker’s goal is not just your password, but the Authorization Code (token) generated by your mobile app. By …