Threat Analysis: Bank of America Phishing – Fake “Security Challenge” Harvesting Phone Numbers This phishing campaign impersonates Bank of America, one of the largest banks in the United States. The page presents a fake “Security Challenge” that asks the victim to complete a CAPTCHA and enter their phone number. This page is typically encountered after …
Category Archives: Bank phishing
PNC bank phishing page detected
Threat Analysis: PNC Bank Phishing – Fake “Online Banking” Login Page This phishing campaign impersonates PNC Bank, one of the largest banks in the United States. The page mimics PNC’s online banking login interface to steal customers’ User ID and Password. How it works:The victim receives a phishing email, SMS, or other message claiming a …
Bank of America phishing page revealed
Threat Analysis: Bank of America Phishing – Fake “Checking Savings” Login Page This phishing campaign impersonates Bank of America, one of the largest banks in the United States. The page mimics the bank’s login interface to steal customers’ Online ID and Passcode (password). How it works:The victim receives a phishing email, SMS, or other message …
Bancolombia phishing page detected
Threat Analysis: Bancolombia Phishing – Fake “Sucursal Virtual Personas” Login Page This phishing campaign impersonates Bancolombia, a major Colombian bank with millions of customers. The page mimics the bank’s online banking portal (Sucursal Virtual Personas) to steal customers’ Usuario (username) and Clave (password) . How it works:The victim receives a phishing email, SMS, or other …
BANTRAB bank phishing page revealed
Threat Analysis: Bantrab Phishing – Fake Login Page Stealing Client Credentials This phishing campaign impersonates Bantrab (Banco de los Trabajadores) , a prominent bank in Guatemala. The page mimics the bank’s login interface to steal customers’ Cliente (client ID) and Usuario (username) . This information is typically used as the first step in accessing online …
AV Villas digital phishing page detected
Threat Analysis: Av Villas Phishing – Fake “Banca Virtual” Login Page This phishing campaign impersonates Av Villas (Avvillas) , a prominent Colombian bank. The page mimics the bank’s “Banca Virtual” (Virtual Banking) login interface to steal customers’ document number (typically “Cédula de Ciudadanía” – national ID) and password. How it works:The victim receives a phishing …
Scotiabank phishing page detected
Then user will be redirected to the truth Scotiabank’s Website: Threat Analysis: Scotiabank Phishing – Multi-Step Credential & Email Harvesting with Real Bank Redirection This sophisticated phishing campaign impersonates Scotiabank, targeting Spanish-speaking customers (likely in Latin America). The attack uses a multi-page flow to capture the victim’s bank login credentials (document number and password) and …
Global Bank (Panama) phishing page detected
Threat Analysis: Global Bank Phishing – Fake “Token” Verification & 2FA Code Harvesting This phishing campaign impersonates Global Bank, a financial institution operating in Panama and other Central American countries. The scam is designed to capture the victim’s dynamic password (token) —the one-time two-factor authentication (2FA) code used to authorize transactions and logins. This code …
Continue reading “Global Bank (Panama) phishing page detected”
Crédit Agricole Banque & Assurances phishing page detected
Threat Analysis: Crédit Agricole Phishing – Fake “SecuriPass” Security Update Scam This phishing campaign impersonates Crédit Agricole, one of the largest banking groups in France. The page claims that security updates have been made and urges the victim to click a link to “reinforce” their SecuriPass (the bank’s real security feature). The page outlines a …
Continue reading “Crédit Agricole Banque & Assurances phishing page detected”
Banco BPM (Italy) phishing page detected
Threat Analysis: Banco BPM Phishing – Multi-Step Credential, Phone Number & OTP Harvesting This phishing campaign impersonates Banco BPM, one of Italy’s largest banking groups. The scam uses a multi-page flow to capture the victim’s online banking credentials, phone number, and OTP (one-time password) —the two-factor authentication code. By harvesting all three, attackers can bypass …