Below is a description of this phishing campaign targeting Posti (the Finnish postal service) and using a fake bank authentication page to steal avainluku (key number) credentials. Threat Analysis: Posti Phishing – Fake “Key Number” Authentication Scam (Finnish Bank Credential Theft) This phishing campaign impersonates Posti, the Finnish postal service. The scam uses a fake …
Continue reading “Posti Phishing – Fake “Key Number” Authentication Scam”
Threat Analysis: Matkahuolto Phishing – Fake Payment Release Scam (Finnish Variant) This phishing campaign impersonates Matkahuolto, a well-known Finnish logistics and transport company. The scam targets sellers on classified or marketplace platforms, creating a fake payment confirmation process. The victim is led to believe that a buyer has already paid for an item, and the …
Continue reading “Matkahuolto Phishing – Fake Payment Release Scam detected”
Below is an analysis of the phishing campaign based on the three screenshots. The attack impersonates Bank Negara Malaysia (the central bank) and then Google, using a fake login flow to steal credentials for both. Threat Analysis: Multi‑Step Phishing – Bank Negara Malaysia & Google Credential Harvesting This campaign targets users in Malaysia and Indonesia …
Continue reading “Bank Negara Malaysia & Google Credential Harvesting revealed”
🛡️ Phishing Alert: The “eWallet Hijack” Scam This screenshot shows a sophisticated phishing page that impersonates the Touch ‘n Go eWallet login interface. While the URL suggests a gaming theme (sangepoints), the actual goal is to drain your digital wallet. 1. Brand Impersonation (Spoofing) The attackers use the official colors, fonts, and the Touch ‘n …
🛡️ Phishing Alert: The “Fake Buyer” Marketplace Scam This screenshot demonstrates a common and dangerous phishing tactic used on classifieds and marketplace platforms (like Carousell, Olx, or Avito). Here is a breakdown of how this scam works to steal your banking information: 1. The Domain Deception Look closely at the URL: carousell.83774920.sale/…. 2. The Emotional …
These screenshots show a phishing campaign impersonating Pinkoi (a popular e‑commerce platform for designers and handmade goods) and an associated seller named “Amberlithuania”. The scam uses a fake account suspension notice to trick victims into providing full bank card details and personal information. Threat Analysis: Pinkoi Seller Phishing – Fake “Account Suspended” / Card Verification …
A phishing campaign targeting easybank (a German direct bank), based on the two screenshots. Threat Analysis: easybank Phishing – Fake Online Banking Login with Fake Waiting Page This phishing campaign impersonates easybank, a German online bank. The attack is designed to steal the victim’s online banking credentials (username and password) and then use a fake …
The Scotiabank phishing campaign observed in early 2026 utilizes fake account verification alerts, leveraging fraudulent emails or SMS to direct users to a professionally designed, deceptive login page. Attackers aim to capture ScotiaCard numbers, passwords, and secondary verification data to gain unauthorized access to accounts.
Target: ING Bank Customers (Europe/Romania/Poland)Threat Level: Critical (Session Hijacking)Phishing Method DescriptionThis method focuses on Device Authorization Theft. The phishing page mimics the ING “HomeBank” interface, often using a “Synchronize your security device” or “Update HomeBank app” pretext.The attacker’s goal is not just your password, but the Authorization Code (token) generated by your mobile app. By …
A sophisticated phishing campaign targeting Banco de Bogotá in Colombia uses deceptive “security update” messages to steal user credentials, including identification numbers and full credit card details. This fraudulent site imitates the official banking portal to bypass security checks and solicit sensitive information through high-pressure tactics. Target: Customers of Banco de Bogotá (Colombia)Threat Level: High …
