Author Archives: Anti-phishing

A phishing campaign targeting MidFirst Bank customers utilizes a “Security Update” pretext, employing SMS or email to prompt users to sync accounts on a fraudulent website. This high-level threat harvests login credentials and real-time One-Time Passcodes (OTP) via a clone of the official MidFirst login page, enabling immediate account takeover. MidFirst Bank “Personal Banking Security” …

Continue reading “MidFirst Bank phishing page detected”

This phishing case targets Sparkasse customers in Germany using a sophisticated “PushTAN/S-ID-Check” scam. Attackers utilize smishing and email to direct users to fraudulent, pixel-perfect sites, harvesting credentials and using Man-in-the-Middle techniques to trick users into authorizing fraudulent device registration through the official app. Protection involves disregarding links, using only the official app, and carefully verifying …

Continue reading “Sparkasse phishing page revealed”

An Interac phishing campaign, often targeting Canadian bank customers, uses a sophisticated gateway to impersonate the instant money transfer system and harvest banking credentials, security questions, and OTP codes. Victims are lured via SMS or email to fake portals that perfectly clone major financial institutions to facilitate account takeovers. This phishing campaign targeting Canadian bank …

Continue reading “Interac phishing page detected”

A sophisticated TD Bank phishing campaign targets Canadian and US customers using fraudulent SMS and emails to harvest EasyWeb credentials, security answers, and real-time OTP codes. The phishing kit, dubbed “EasyWeb Security Update,” utilizes a high-fidelity clone of the login portal to bypass multi-factor authentication, with scammers aiming for full account takeover via stolen security …

Continue reading “TD Bank phishing page revealed”

A high-fidelity Arvest Bank phishing campaign targets U.S. customers using SMS and email to steal credentials and intercept real-time MFA codes via fraudulent “sync” pages. Scammers use lookalike domains to trick users into providing login IDs, passwords, and security codes to bypass two-factor authentication, with official, manual access to arvest.com being the primary defense. This …

Continue reading “Arvest bank phishing page detected”

A sophisticated Man-in-the-Middle (MitM) phishing campaign targeting Swedbank customers across the Baltic and Nordic regions, utilizing fraudulent Smart-ID and BankID authentication requests to steal credentials in real-time [1]. Attackers deploy malicious clones of the Swedbank login portal to harvest Personal Identity Numbers, phone numbers, and PINs, using them instantly on the legitimate site to hijack …

Continue reading “Swedbank phishing page revealed”

A sophisticated Banco Bradesco phishing campaign targeting Brazilian users through fake “security re-registration” messages to steal account credentials and security tokens in real time. This critical-level threat employs lookalike domains and smishing to intercept Agency/Account numbers, PINs, CPF numbers, and mobile token codes for full account takeover. метода фишинга на основе скриншота? Чтобы люди были …

Continue reading “Banco Bradesco phishing page detected”