A widespread phishing campaign targeting BBVA bank customers in Spain and Latin America uses high-pressure smishing tactics to steal login credentials and SMS OTP codes. Fraudulent websites mimic the legitimate BBVA portal to intercept security codes for unauthorized transactions. Users are advised to avoid clicking links in suspicious messages and to use the official BBVA …
Category Archives: Bank phishing
Bank Central Asia phishing page detected
A phishing campaign targeting Bank Central Asia (BCA) customers in Indonesia uses WhatsApp-based smishing to direct victims to fraudulent sites mimicking the KlikBCA login portal. Attackers aim to harvest User IDs, PINs, and KeyBCA token codes, enabling real-time, fraudulent transaction authorization. The attack is a “Token Interception” method, utilizing spoofed domains like klikbca-update.online to bypass …
Banco CUSCATLAN phishing page detected
A phishing campaign targeting Banco Cuscatlán users in El Salvador and Guatemala uses fraudulent “digital profile update” notifications to steal netbanking credentials and OTP codes. The attack, which directs victims to a pixel-perfect replica of the legitimate site, aims to perform real-time account takeovers via deceptive domains and urgent, alarming messaging. Customers are advised to …
Bank of America phishing page revealed
A June 2025 phishing campaign targeting Bank of America users employs a “Compliance & Maintenance” pretext, claiming an “incomplete profile update” to steal credentials and bypass two-factor authentication [1]. The fraudulent site, often hosted on deceptive domains, attempts to capture online banking IDs, passcodes, email credentials, and real-time one-time passcodes (OTP). Users should be wary …
Argenta Bank phishing page detected
A sophisticated phishing campaign targeting Argenta Bank customers in Belgium and the Netherlands utilizes fraudulent “Digipass synchronization” to perform real-time session hijacking and fund theft. Attackers use phishing sites to harvest login credentials and security codes, prompting users with fake urgent security alerts to bypass two-factor authentication. Argenta Bank “New Debit Card” PhishingTarget: Customers of …
BNP Paribas bank group phishing page revealed
A phishing campaign targeting BNP Paribas customers in Europe uses a “Restricted Access” pretext to steal credentials, mobile numbers, and digital tokens for the “Mon Compte” system. Attackers use sophisticated fake portals with fake virtual keypads, aiming to intercept real-time authorization codes to hijack online banking accounts. BNP Paribas “Digital Key Verification” PhishingTarget: Customers of …
Continue reading “BNP Paribas bank group phishing page revealed”
Bank Syariah Indonesia (BSI) phishing page detected
A phishing campaign targeting Bank Syariah Indonesia (BSI) customers leverages fake “system migration” or “new fee” notifications sent via SMS and WhatsApp to steal mobile banking credentials. The fraudulent sites prompt users to input their BSI Mobile phone number, 6-digit PIN, and OTP, allowing attackers to hijack accounts. Bank Syariah Indonesia (BSI) “New Service Fee” …
Continue reading “Bank Syariah Indonesia (BSI) phishing page detected”
Banco Bilbao Vizcaya Argentaria (BBVA) phishing page detected
A new phishing campaign targeting BBVA customers in Spain and Latin America uses SMS-based “account block” alerts to direct victims to a fraudulent site designed to harvest credentials and real-time SMS OTP codes. The attack leverages fear-based tactics, urging users to enter their ID, password, and mobile number on a fake “Acceso Clientes” portal to …
Continue reading “Banco Bilbao Vizcaya Argentaria (BBVA) phishing page detected”
Bank of Hawai’i phishing page revealed
Bank of Hawaii “Online Access Update” PhishingTarget: Customers of Bank of Hawaii (BOH)Threat Level: Critical (Full Account & Identity Hijacking)Phishing Method DescriptionThis attack uses a “Security Maintenance” pretext. Victims receive an urgent email or SMS claiming that their “e-Bankoh” online access has been temporarily suspended or that an “identity verification” is required due to a …
Grove bank & Trust phishing page detected
A phishing campaign targeting Grove Bank & Trust in Florida uses “system upgrade” pretexting to steal business and personal online banking credentials and MFA codes. The attack directs users to a high-fidelity clone of the real login portal to harvest sensitive data for unauthorized account access. Grove Bank & Trust “Secure Access” PhishingTarget: Clients and …
Continue reading “Grove bank & Trust phishing page detected”