Category Archives: Bank phishing

A phishing campaign targeting easybank (a German direct bank), based on the two screenshots. Threat Analysis: easybank Phishing – Fake Online Banking Login with Fake Waiting Page This phishing campaign impersonates easybank, a German online bank. The attack is designed to steal the victim’s online banking credentials (username and password) and then use a fake …

Continue reading “Easybank phishing page detected”

The Scotiabank phishing campaign observed in early 2026 utilizes fake account verification alerts, leveraging fraudulent emails or SMS to direct users to a professionally designed, deceptive login page. Attackers aim to capture ScotiaCard numbers, passwords, and secondary verification data to gain unauthorized access to accounts.

Target: ING Bank Customers (Europe/Romania/Poland)Threat Level: Critical (Session Hijacking)Phishing Method DescriptionThis method focuses on Device Authorization Theft. The phishing page mimics the ING “HomeBank” interface, often using a “Synchronize your security device” or “Update HomeBank app” pretext.The attacker’s goal is not just your password, but the Authorization Code (token) generated by your mobile app. By …

Continue reading “ING Home’Bank phishing page revealed”

A sophisticated phishing campaign targeting Banco de Bogotá in Colombia uses deceptive “security update” messages to steal user credentials, including identification numbers and full credit card details. This fraudulent site imitates the official banking portal to bypass security checks and solicit sensitive information through high-pressure tactics. Target: Customers of Banco de Bogotá (Colombia)Threat Level: High …

Continue reading “Banco de Bogota phishing page detected”

A phishing campaign targeting Lead Bank business customers uses fraudulent “unauthorized login” alerts to drive victims to a spoofed portal designed to steal credentials, personal information, and 2FA codes. The attack creates a sense of urgency to trick users into entering sensitive data on a site with a misleading domain. To protect against this threat, …

Continue reading “LEAD Bank phishing page detected”

A phishing campaign targeting National Bank of Canada (Banque Nationale) clients uses fake “Interac e-Transfer” notifications to steal login credentials, security questions, and OTPs. The fraudulent pages, often mimicking the official BNC portal, are designed to capture data from users in Canada and Quebec. To protect against this threat, users are advised to enable Interac …

Continue reading “Banque Nationale phishing page detected”

A sophisticated Bank of America phishing campaign is active, using fake “account lock” alerts to steal online credentials, Social Security numbers, and OTP codes. The attack utilizes pixel-perfect clones of the Bank of America portal, often combined with telephone spoofing, to harvest full financial access. Users should avoid clicking links in alerts and instead navigate …

Continue reading “Bank of America fake page detected”

A phishing campaign targeting First Investment Bank (Fibank) in Bulgaria uses a fake “digital certificate update” to steal user credentials and one-time passwords (OTP). Scammers employ a “security scare” tactic, directing victims to a lookalike login portal that harvests login IDs, passwords, and OTPs for real-time account takeover. Target: Customers of First Investment Bank (Fibank …

Continue reading “Fibank (Bulgaria) phishing page detected”

TymeBank phishing campaigns target South African customers through SMS and email alerts claiming account suspension, directing victims to a fake portal designed to steal ID numbers, PINs, and real-time OTPs. These attacks exploit the bank’s digital-only model, urging users to use official applications and ignore suspicious links. Target: Customers of TymeBank (South Africa)Threat Level: High …

Continue reading “TymeBank phishing page detected”