Thank you for sharing these four screenshots. They show a multi-step phishing campaign impersonating Nickel, a French neobank (a subsidiary of BNP Paribas) that offers fee-based bank accounts typically sold in tobacco shops. The scam is designed to capture the victimâs identifier, access code, SMS verification code, and full card detailsâenabling full account takeover and …
Category Archives: Bank phishing
Banco G&T Continental phishing page detected
Threat Analysis: Banco G&T Continental Phishing â Credential & SMS Token Harvesting This phishing campaign impersonates Banco G&T Continental, one of the largest banks in Guatemala. The scam uses a multi-page flow to capture the victimâs online banking credentials and then the SMS token (two-factor authentication code) , allowing attackers to bypass security measures and …
Continue reading “Banco G&T Continental phishing page detected”
Banco de Galicia phishing page detected
Threat Analysis: Banco Galicia Phishing â Fake âAccesoâ Login Page This phishing campaign impersonates Banco Galicia, one of the largest banks in Argentina. The page mimics the bankâs login interface to steal customersâ DNI (national identification number), Usuario Galicia (username), and Clave Galicia (password) âthe three pieces of information typically required to access online banking. …
NiCKEL phishing page detected
Threat Analysis: Nickel Phishing â Fake âSponsorshipâ Offer Stealing Card Details This phishing campaign impersonates Nickel, a French neobank (a subsidiary of BNP Paribas). The scam uses a fake âparrainageâ (referral/sponsorship) offer to lure victims into providing their personal information and full card details under the guise of participating in a rewards program. How it …
Naranja X phishing page detected
Threat Analysis: Naranja X Phishing â Fake Login Page Stealing Email and Password This phishing campaign impersonates Naranja X, a popular digital financial platform in Argentina that offers credit cards, loans, and digital accounts. The page mimics the platformâs login interface to steal customersâ email address and password. How it works:The victim receives a phishing …
Daviplata phishing page detected
Threat Analysis: Daviplata Phishing â Credential & SMS Code Harvesting This phishing campaign impersonates Daviplata, a widely used digital wallet and mobile payment platform in Colombia, operated by Davivienda Bank. The scam uses a multi-page flow to capture the victimâs document number, Daviplata password, and the SMS verification codeâthe three elements needed to access the …
Bancolombia phishing page revealed
Threat Analysis: Generic Banking Phishing â Credential & SMS Code Harvesting This phishing campaign impersonates a financial institution (likely a bank or digital wallet in Latin America, based on the Spanish language and the âreactivarâ â reactivate â pretext). The scam uses a multi-page flow to capture the victimâs username, password, and SMS verification code …
Citizens Bank phishing page detected
Then visitor will be redirected to the official website of Citizens Bank. Threat Analysis: Citizens Bank Phishing â Full Identity & Financial Data Harvesting This phishing campaign impersonates Citizens Bank, a prominent bank in the United States. The scam uses a multi-page flow to capture: This combination of data enables attackers to commit identity theft, …
Bank of America pishing pages in Spanish detected
Threat Analysis: Bank of America Phishing â Email Credential & Card Data Harvesting This phishing campaign impersonates Bank of America, targeting Spanish-speaking customers. The scam uses a multi-page flow to capture: By compromising both the email account and the payment card, attackers can gain persistent access to sensitive communications and conduct unauthorized transactions. How it …
Continue reading “Bank of America pishing pages in Spanish detected”
Credit Agricole Bank phishing page detected
Threat Analysis: CrĂŠdit Agricole Phishing â MultiâStage SĂŠcuriPass & Credential Theft This phishing campaign impersonates CrĂŠdit Agricole. The scam uses a long, multiâpage flow to capture: By harvesting both the SMS and email codes, attackers can bypass multiple security layers and gain full account access. How it works:The victim receives a phishing email claiming they …
Continue reading “Credit Agricole Bank phishing page detected”