This screenshot shows a Spanish‑language phishing page impersonating a delivery service (such as Correos or another courier). The scam asks the victim to pay a small fee (€1.98) for a “new delivery attempt” and in the process harvests full credit card details. Threat Analysis: Delivery Phishing – Small Fee & Card Harvesting How it works:The …
Author Archives: Anti-phishing
Fake Spotify page detected
These two screenshots show a phishing campaign impersonating Spotify, targeting users with a fake subscription renewal alert. The scam threatens that the victim’s subscription will be lost unless they update their payment method, then directs them to a page that steals full credit card details. Threat Analysis: Spotify Phishing – Fake Subscription Expiration & Card …
Sociedad Estatal Correos y Telegrafos (Spain) fake page detected
These two screenshots show a Spanish‑language phishing campaign impersonating Correos (the Spanish postal service). The scam uses a fake delivery fee (€2.64) and an urgent deadline to trick victims into providing full credit card details. Threat Analysis: Correos Phishing – Fake “New Delivery Attempt” Fee How it works:The victim receives an SMS, email, or message …
Continue reading “Sociedad Estatal Correos y Telegrafos (Spain) fake page detected”
Santander bank phishing page revealed
Yet one example: These six screenshots show a multi‑step phishing campaign impersonating Santander Bank, targeting Spanish‑speaking customers. The attack is designed to harvest: The flow mimics real Santander security steps, making it particularly convincing. Threat Analysis: Santander Phishing – Credential, Electronic Signature & Card Data Harvesting Step 1 – Fake Login Page (Screenshots 1 & …
Fake USPS tracking page has been detected
A sophisticated phishing campaign impersonating the United States Postal Service (USPS) is targeting residents with fraudulent SMS and emails claiming an “incomplete address” for package delivery. Victims are directed to a cloned website that steals personal information and credit card details, including CVV and 3D-Secure codes, by prompting for a small re-delivery fee. This phishing …
Continue reading “Fake USPS tracking page has been detected”
A fake Instagram page about copyright infringement in Turkish has been identified.
A Turkish-language phishing campaign targeting Instagram creators uses fake “Copyright Infringement” notifications to steal account credentials and bypass two-factor authentication. Victims are coerced through “legal scaring” tactics to enter credentials on a fake site that immediately harvests usernames, passwords, and 2FA codes. This Turkish-language Instagram phishing attack uses a “Copyright Infringement” threat via DMs to …
Instagram phishing page revealed: photooftheday.click
An Instagram phishing campaign uses “Photo of the Day” contests as a social engineering lure to steal user credentials and bypass two-factor authentication (2FA). Attackers use deceptive URLs to direct victims to fake login pages designed to harvest usernames, passwords, and 2FA codes, often capitalizing on the victim’s desire for social validation. Instagram users are …
Continue reading “Instagram phishing page revealed: photooftheday.click”
Banco Ripley (Chile) phishing page detected
A phishing campaign targeting Banco Ripley in Chile uses smishing and email, directing users to a cloned website that mimics the official login portal to steal RUT numbers, passwords, and dynamic tokens. This Man-in-the-Middle (MitM) attack specifically aims to bypass security measures by harvesting real-time OTP codes to facilitate unauthorized transactions. A Banco Ripley (Chile) …
Continue reading “Banco Ripley (Chile) phishing page detected”
Fake Snapchat password reset page in Arabic detected
A phishing campaign targeting Arabic-speaking Snapchat users in the MENA region uses fake password reset pages to steal credentials and bypass two-factor authentication (2FA). Attackers utilize high-fidelity clones of the Snapchat login portal and real-time credential relay tactics to hijack user sessions and private data. This case highlights a Real-Time Proxy Attack targeting Snapchat, where …
Continue reading “Fake Snapchat password reset page in Arabic detected”
Comcast Xfinity phishing page detected
A phishing campaign targeting Comcast Xfinity customers uses deceptive emails claiming billing failures to harvest login credentials, credit card details, and Social Security numbers. The attack leverages fraudulent links and high-fidelity clones of the official login page to steal comprehensive personal and financial data. This phishing method uses urgent, fake security alerts via email or …