Below is an analysis of the phishing campaign based on the three screenshots. The attack impersonates Bank Negara Malaysia (the central bank) and then Google, using a fake login flow to steal credentials for both. Threat Analysis: Multi‑Step Phishing – Bank Negara Malaysia & Google Credential Harvesting This campaign targets users in Malaysia and Indonesia …
Continue reading “Bank Negara Malaysia & Google Credential Harvesting revealed”
Phishing Alert: The “eWallet Hijack” Scam This screenshot shows a sophisticated phishing page that impersonates the Touch ‘n Go eWallet login interface. While the URL suggests a gaming theme (sangepoints), the actual goal is to drain your digital wallet. 1. Brand Impersonation (Spoofing) The attackers use the official colors, fonts, and the Touch ‘n Go …
Phishing Alert: The “Fake Buyer” Marketplace Scam This screenshot demonstrates a common and dangerous phishing tactic used on classifieds and marketplace platforms (like Carousell, Olx, or Avito). Here is a breakdown of how this scam works to steal your banking information: 1. The Domain Deception Look closely at the URL: carousell.83774920.sale/…. 2. The Emotional Hook: …
These screenshots show a phishing campaign impersonating Pinkoi (a popular e‑commerce platform for designers and handmade goods) and an associated seller named “Amberlithuania”. The scam uses a fake account suspension notice to trick victims into providing full bank card details and personal information. Threat Analysis: Pinkoi Seller Phishing – Fake “Account Suspended” / Card Verification …
A phishing campaign targeting easybank (a German direct bank), based on the two screenshots. Threat Analysis: easybank Phishing – Fake Online Banking Login with Fake Waiting Page This phishing campaign impersonates easybank, a German online bank. The attack is designed to steal the victim’s online banking credentials (username and password) and then use a fake …
