This set of screenshots shows a phishing campaign impersonating Poshmark, a popular online marketplace for second‑hand goods. The scam uses a fake “account restricted” notification and a fake support chat to pressure victims into providing full credit/debit card details, personal information, and contact details. Threat Analysis: How the scam works (multi‑step flow): Fake Order Summary …
Continue reading “Poshmark Phishing – Fake Account Restriction & Card Harvesting”
This phishing campaign impersonates dao, a Danish parcel delivery service. The scam uses a fake “delivery failed” notification to trick victims into providing personal information, which can later be used for identity theft or to redirect victims to a payment page where credit card details are stolen. How it works: Fake Tracking Page – The …
HIGH RISK / SCAM A sophisticated phishing campaign originated in Algeria, targeting the French business sector. Scammers used Google Share links to bypass email security filters, redirecting victims to a temporary Atoms.dev deployment. The site impersonated a fake Spanish trade entity, “Pro Lite Stock,” offering fraudulent import/export services for premium Algerian products. Technical Breakdown Key …
Continue reading “🇩🇿 🇫🇷 Cross-Border B2B Fraud: The “Atoms.dev” Phishing Wave”
Our system just neutralized a sophisticated Pump & Dump scheme targeting the Singaporean market using North African infrastructure.The Technical Anatomy of the Attack: Deep Dive into TikTok Ads Metadata:Our engine intercepted the link containing specific tracking parameters used by professional fraud-arbitrageurs: The Fraud Mechanism:Scammers use paid TikTok ads to target affluent regions (Singapore) with “get-rich-quick” …
Continue reading “Case Study: Intercontinental Crypto-Scam Uncovered”
🛡️ Phishing Alert: The “Agency Complaint Matrix” Trap## Target: Customers and Employees of French Banking Groups (Crédit Agricole) Our AI-engine, Miniban, has detected a highly sophisticated spear-phishing campaign hosted on GitHub Pages. This attack mimics internal banking tools to bypass standard security filters and steal sensitive financial data. 1. The “Trusted Host” Camouflage Scammers are …
Continue reading “GitHub Pages Abused for French Banking Fraud”
Below is a description of the Norwegian BankID phishing campaign shown in the screenshots. The attack attempts to harvest multiple layers of authentication data. Threat Analysis: BankID Phishing – Full Credential & 2FA Harvesting (Norwegian Variant) This multi‑step phishing campaign impersonates BankID, the common Norwegian electronic identification system used by most banks. The attacker’s goal …
Below is a description of this phishing campaign targeting Posti (the Finnish postal service) and using a fake bank authentication page to steal avainluku (key number) credentials. Threat Analysis: Posti Phishing – Fake “Key Number” Authentication Scam (Finnish Bank Credential Theft) This phishing campaign impersonates Posti, the Finnish postal service. The scam uses a fake …
Continue reading “Posti Phishing – Fake “Key Number” Authentication Scam”
Threat Analysis: Matkahuolto Phishing – Fake Payment Release Scam (Finnish Variant) This phishing campaign impersonates Matkahuolto, a well-known Finnish logistics and transport company. The scam targets sellers on classified or marketplace platforms, creating a fake payment confirmation process. The victim is led to believe that a buyer has already paid for an item, and the …
Continue reading “Matkahuolto Phishing – Fake Payment Release Scam detected”
Below is an analysis of the phishing campaign based on the three screenshots. The attack impersonates Bank Negara Malaysia (the central bank) and then Google, using a fake login flow to steal credentials for both. Threat Analysis: Multi‑Step Phishing – Bank Negara Malaysia & Google Credential Harvesting This campaign targets users in Malaysia and Indonesia …
Continue reading “Bank Negara Malaysia & Google Credential Harvesting revealed”
🛡️ Phishing Alert: The “eWallet Hijack” Scam This screenshot shows a sophisticated phishing page that impersonates the Touch ‘n Go eWallet login interface. While the URL suggests a gaming theme (sangepoints), the actual goal is to drain your digital wallet. 1. Brand Impersonation (Spoofing) The attackers use the official colors, fonts, and the Touch ‘n …
