This screenshot shows a phishing page impersonating Banesco, a major bank operating in Venezuela, Panama, and other Latin American countries. The page mimics the bank’s online login interface to steal customers’ usuario (username) and contraseña (password). Threat Analysis: Banesco Phishing – Fake “Contigo” Login Page How it works:The victim receives a phishing email, SMS, or …
Continue reading “Banesco Phishing – Fake “Contigo” Login Page”
This is a highly sophisticated phishing attack targeting users of online marketplaces (like the Japanese service Jimoty). Here is how the scam works and how to spot it. 1. The Trap: Fake Urgency The page displays a message stating that your account has been suspended. It creates artificial pressure by claiming you must “verify your …
This set of screenshots shows a phishing campaign impersonating Poshmark, a popular online marketplace for second‑hand goods. The scam uses a fake “account restricted” notification and a fake support chat to pressure victims into providing full credit/debit card details, personal information, and contact details. Threat Analysis: How the scam works (multi‑step flow): Fake Order Summary …
Continue reading “Poshmark Phishing – Fake Account Restriction & Card Harvesting”
This phishing campaign impersonates dao, a Danish parcel delivery service. The scam uses a fake “delivery failed” notification to trick victims into providing personal information, which can later be used for identity theft or to redirect victims to a payment page where credit card details are stolen. How it works: Fake Tracking Page – The …
Phishing Alert: The “Agency Complaint Matrix” Trap## Target: Customers and Employees of French Banking Groups (Crédit Agricole) Our AI-engine, Miniban, has detected a highly sophisticated spear-phishing campaign hosted on GitHub Pages. This attack mimics internal banking tools to bypass standard security filters and steal sensitive financial data. 1. The “Trusted Host” Camouflage Scammers are using …
Continue reading “GitHub Pages Abused for French Banking Fraud”
Below is a description of the Norwegian BankID phishing campaign shown in the screenshots. The attack attempts to harvest multiple layers of authentication data. Threat Analysis: BankID Phishing – Full Credential & 2FA Harvesting (Norwegian Variant) This multi‑step phishing campaign impersonates BankID, the common Norwegian electronic identification system used by most banks. The attacker’s goal …
Below is a description of this phishing campaign targeting Posti (the Finnish postal service) and using a fake bank authentication page to steal avainluku (key number) credentials. Threat Analysis: Posti Phishing – Fake “Key Number” Authentication Scam (Finnish Bank Credential Theft) This phishing campaign impersonates Posti, the Finnish postal service. The scam uses a fake …
Continue reading “Posti Phishing – Fake “Key Number” Authentication Scam”
Threat Analysis: Matkahuolto Phishing – Fake Payment Release Scam (Finnish Variant) This phishing campaign impersonates Matkahuolto, a well-known Finnish logistics and transport company. The scam targets sellers on classified or marketplace platforms, creating a fake payment confirmation process. The victim is led to believe that a buyer has already paid for an item, and the …
Continue reading “Matkahuolto Phishing – Fake Payment Release Scam detected”
Below is an analysis of the phishing campaign based on the three screenshots. The attack impersonates Bank Negara Malaysia (the central bank) and then Google, using a fake login flow to steal credentials for both. Threat Analysis: Multi‑Step Phishing – Bank Negara Malaysia & Google Credential Harvesting This campaign targets users in Malaysia and Indonesia …
Continue reading “Bank Negara Malaysia & Google Credential Harvesting revealed”
Phishing Alert: The “Fake Buyer” Marketplace Scam This screenshot demonstrates a common and dangerous phishing tactic used on classifieds and marketplace platforms (like Carousell, Olx, or Avito). Here is a breakdown of how this scam works to steal your banking information: 1. The Domain Deception Look closely at the URL: carousell.83774920.sale/…. 2. The Emotional Hook: …
