This phishing campaign against PayPal users utilizes fraudulent “Account Suspension” notifications to direct victims to a high-fidelity cloned site. The multi-step funnel steals user credentials, personal information, and credit card data, often employing deceptive domains and urgent demands to bypass security measures. Target: PayPal Users WorldwideThreat Level: Critical (Financial & Identity Theft)Phishing Method DescriptionThis attack …
Author Archives: Anti-phishing
Bank Central Asia phishing page detected
A phishing campaign targeting Bank Central Asia (BCA) customers in Indonesia uses WhatsApp-based smishing to direct victims to fraudulent sites mimicking the KlikBCA login portal. Attackers aim to harvest User IDs, PINs, and KeyBCA token codes, enabling real-time, fraudulent transaction authorization. The attack is a “Token Interception” method, utilizing spoofed domains like klikbca-update.online to bypass …
Banco CUSCATLAN phishing page detected
A phishing campaign targeting Banco Cuscatlán users in El Salvador and Guatemala uses fraudulent “digital profile update” notifications to steal netbanking credentials and OTP codes. The attack, which directs victims to a pixel-perfect replica of the legitimate site, aims to perform real-time account takeovers via deceptive domains and urgent, alarming messaging. Customers are advised to …
Bank of America phishing page revealed
A June 2025 phishing campaign targeting Bank of America users employs a “Compliance & Maintenance” pretext, claiming an “incomplete profile update” to steal credentials and bypass two-factor authentication [1]. The fraudulent site, often hosted on deceptive domains, attempts to capture online banking IDs, passcodes, email credentials, and real-time one-time passcodes (OTP). Users should be wary …
Google Maps fake page revealed
A phishing campaign impersonating Google Maps tricks users into entering credentials on fake pages to steal full Google Account access. These attacks leverage fraudulent “Location Update” alerts, often capturing 2FA codes in real-time to bypass security measures. Target: Global Google Account UsersThreat Level: Critical (Full Google Account & Gmail Hijacking)Phishing Method DescriptionThis attack uses a …
Google Meet phishing page detected
This phishing campaign abuses legitimate Windows device management (MDM) features, masquerading as a fake Google Meet update to gain full, remote control over a victim’s computer. Instead of stealing credentials, the attack tricks users into enrolling their devices into an attacker-controlled system, allowing for malicious software installation and remote file access. Target: Corporate Employees, Job …
Portuguese government phishing page discovered
A May 2025 phishing campaign targeting Portuguese government and financial sectors uses the “ClickFix” method to trick users into executing malicious PowerShell commands. Posing as official tax authority (AT) alerts via WeTransfer, this attack distributes Lampion malware designed to steal data. To avoid this scam, verify that official communications use the gov.pt domain and manually …
Continue reading “Portuguese government phishing page discovered”
Argenta Bank phishing page detected
A sophisticated phishing campaign targeting Argenta Bank customers in Belgium and the Netherlands utilizes fraudulent “Digipass synchronization” to perform real-time session hijacking and fund theft. Attackers use phishing sites to harvest login credentials and security codes, prompting users with fake urgent security alerts to bypass two-factor authentication. Argenta Bank “New Debit Card” PhishingTarget: Customers of …
BNP Paribas bank group phishing page revealed
A phishing campaign targeting BNP Paribas customers in Europe uses a “Restricted Access” pretext to steal credentials, mobile numbers, and digital tokens for the “Mon Compte” system. Attackers use sophisticated fake portals with fake virtual keypads, aiming to intercept real-time authorization codes to hijack online banking accounts. BNP Paribas “Digital Key Verification” PhishingTarget: Customers of …
Continue reading “BNP Paribas bank group phishing page revealed”
Bank Syariah Indonesia (BSI) phishing page detected
A phishing campaign targeting Bank Syariah Indonesia (BSI) customers leverages fake “system migration” or “new fee” notifications sent via SMS and WhatsApp to steal mobile banking credentials. The fraudulent sites prompt users to input their BSI Mobile phone number, 6-digit PIN, and OTP, allowing attackers to hijack accounts. Bank Syariah Indonesia (BSI) “New Service Fee” …
Continue reading “Bank Syariah Indonesia (BSI) phishing page detected”