Anti-phishing, Author at Antiphishing.biz

Fake Xfinity Login Pages

We have discovered a phishing campaign that uses fake Xfinity pages to steal your login credentials. Below is how the attack works, based on real screenshots. How the Scam Works Step 1 – The “Thanks for choosing xfinity” lureThe victim lands on a simple page with an Xfinity logo, a “Thanks for choosing xfinity” message, …

Continue reading “Fake Xfinity Login Pages”

Banesco Phishing – Fake “Contigo” Login Page

This screenshot shows a phishing page impersonating Banesco, a major bank operating in Venezuela, Panama, and other Latin American countries. The page mimics the bank’s online login interface to steal customers’ usuario (username) and contraseña (password). Threat Analysis: Banesco Phishing – Fake “Contigo” Login Page How it works:The victim receives a phishing email, SMS, or …

Continue reading “Banesco Phishing – Fake “Contigo” Login Page”

The “Carte Vitale” Renewal Scam

This phishing method targets residents of France, but similar schemes are used globally to mimic national health insurance services. Scammers use fake websites like ameli-vitale.fr to steal your sensitive data. 1. The Hook (The “Urgency” Trick) You receive an SMS (smishing) or an email claiming that your Carte Vitale (French health insurance card) has expired …

Continue reading “The “Carte Vitale” Renewal Scam”

PayPal Phishing – Fake “New Device Detected” & Credential Harvesting

The two screenshots show a two‑step PayPal phishing attack. The first page impersonates a security alert, claiming a login from an unrecognized device. The victim is pressured to click a button to “remove” that device, which leads to a fake PayPal login page where the victim’s email and password are stolen. Threat Analysis: PayPal Phishing …

Continue reading “PayPal Phishing – Fake “New Device Detected” & Credential Harvesting”

Fake Secure Payment (Correos)

Phishing Alert: The “Fake Secure Payment” Scam This screenshot illustrates a sophisticated phishing attack targeting sellers on classified ad platforms (like OLX, Vinted, or Wallapop). Here is how the scam works and how to stay safe: 1. The Setup The scammer contacts a seller pretending to be a buyer. They claim they have already paid …

Continue reading “Fake Secure Payment (Correos)”

Bazaraki Phishing – Fake Account Verification Scam

This screenshot shows a phishing page impersonating Bazaraki, a major classifieds platform in Cyprus. The page uses a fake account restriction notice to pressure victims into providing personal and financial information. Threat Analysis: Bazaraki Phishing – Fake Account Verification Scam How it works:The victim receives a message claiming their Bazaraki account has been restricted and …

Continue reading “Bazaraki Phishing – Fake Account Verification Scam”

The Courier Guy Phishing – Small Fee & Card Data Harvesting

This screenshot shows a phishing page impersonating The Courier Guy, a South African courier service. The victim is told that a parcel has an outstanding balance of R15.99 and must be paid immediately. The page then requests full credit/debit card details (cardholder name, card number, expiry date, CVV) along with the card issuer bank and …

Continue reading “The Courier Guy Phishing – Small Fee & Card Data Harvesting”

The “American Bank Trust” (Trut) Scam

High-Fidelity Fintech Phishing Origin: Nigeria | Platform: Fig (hellofig.app) 1. The Anatomy of the Scam This screenshot shows a sophisticated phishing dashboard designed to look like a high-end online banking portal. The attacker is using a legitimate Fintech-as-a-Service (FaaS) platform, Fig, to build a believable user interface that mimics a real bank’s “Account Overview.” 2. …

Continue reading “The “American Bank Trust” (Trut) Scam”

Corporate Credential Theft (GEB Case Study)

Advanced Phishing Alert This is a sophisticated cyberattack targeting employees of a specific organization (Grupo Energía Bogotá). It uses “trust-building” techniques to steal corporate login credentials and bypass security measures. 1. The Strategy: The “Bait and Switch” The attacker shares a shortened URL that appears to lead to a legitimate, harmless resource — in this …

Continue reading “Corporate Credential Theft (GEB Case Study)”

Fake Account Suspension. Jimoty, ジモティー

This is a highly sophisticated phishing attack targeting users of online marketplaces (like the Japanese service Jimoty). Here is how the scam works and how to spot it. 1. The Trap: Fake Urgency The page displays a message stating that your account has been suspended. It creates artificial pressure by claiming you must “verify your …

Continue reading “Fake Account Suspension. Jimoty, ジモティー”