Author Archives: Anti-phishing

Thank you for sharing these four screenshots. They show a multi-step phishing campaign impersonating Nickel, a French neobank (a subsidiary of BNP Paribas) that offers fee-based bank accounts typically sold in tobacco shops. The scam is designed to capture the victim’s identifier, access code, SMS verification code, and full card details—enabling full account takeover and …

Continue reading “Nickel phishing page revealed”

Threat Analysis: Banco G&T Continental Phishing – Credential & SMS Token Harvesting This phishing campaign impersonates Banco G&T Continental, one of the largest banks in Guatemala. The scam uses a multi-page flow to capture the victim’s online banking credentials and then the SMS token (two-factor authentication code) , allowing attackers to bypass security measures and …

Continue reading “Banco G&T Continental phishing page detected”

Threat Analysis: Banco Galicia Phishing – Fake “Acceso” Login Page This phishing campaign impersonates Banco Galicia, one of the largest banks in Argentina. The page mimics the bank’s login interface to steal customers’ DNI (national identification number), Usuario Galicia (username), and Clave Galicia (password) —the three pieces of information typically required to access online banking. …

Continue reading “Banco de Galicia phishing page detected”

Threat Analysis: Nickel Phishing – Fake “Sponsorship” Offer Stealing Card Details This phishing campaign impersonates Nickel, a French neobank (a subsidiary of BNP Paribas). The scam uses a fake “parrainage” (referral/sponsorship) offer to lure victims into providing their personal information and full card details under the guise of participating in a rewards program. How it …

Continue reading “NiCKEL phishing page detected”

Threat Analysis: Naranja X Phishing – Fake Login Page Stealing Email and Password This phishing campaign impersonates Naranja X, a popular digital financial platform in Argentina that offers credit cards, loans, and digital accounts. The page mimics the platform’s login interface to steal customers’ email address and password. How it works:The victim receives a phishing …

Continue reading “Naranja X phishing page detected”

Threat Analysis: Daviplata Phishing – Credential & SMS Code Harvesting This phishing campaign impersonates Daviplata, a widely used digital wallet and mobile payment platform in Colombia, operated by Davivienda Bank. The scam uses a multi-page flow to capture the victim’s document number, Daviplata password, and the SMS verification code—the three elements needed to access the …

Continue reading “Daviplata phishing page detected”

Threat Analysis: Generic Banking Phishing – Credential & SMS Code Harvesting This phishing campaign impersonates a financial institution (likely a bank or digital wallet in Latin America, based on the Spanish language and the “reactivar” – reactivate – pretext). The scam uses a multi-page flow to capture the victim’s username, password, and SMS verification code …

Continue reading “Bancolombia phishing page revealed”

Then visitor will be redirected to the official website of Citizens Bank. Threat Analysis: Citizens Bank Phishing – Full Identity & Financial Data Harvesting This phishing campaign impersonates Citizens Bank, a prominent bank in the United States. The scam uses a multi-page flow to capture: This combination of data enables attackers to commit identity theft, …

Continue reading “Citizens Bank phishing page detected”