A phishing campaign targeting RWE AG customers in Germany uses fake energy refund emails to steal sensitive personal and financial data, including online banking credentials, via a fraudulent portal. The scam pressures users with urgent deadlines to claim a “refund for overpaid electricity costs” and directs them to malicious domains, such as kunden-rwe.net, to enter …
Category Archives: Bank phishing
One Nevada Credit Union phishing page detected
A phishing campaign impersonating One Nevada Credit Union targets members via SMS and email, aiming to harvest login credentials, security answers, and sensitive personal information like SSNs through a cloned, fraudulent portal. Attackers exploit regional brand trust to create urgency around “security verification,” targeting the legitimate onenevada.org domain with sophisticated lookalike URLs. To protect against …
Continue reading “One Nevada Credit Union phishing page detected”
Banco BBVA phishing page detected
A widespread phishing campaign targeting BBVA bank customers in Spain and Latin America uses high-pressure smishing tactics to steal login credentials and SMS OTP codes. Fraudulent websites mimic the legitimate BBVA portal to intercept security codes for unauthorized transactions. Users are advised to avoid clicking links in suspicious messages and to use the official BBVA …
Bank Central Asia phishing page detected
A phishing campaign targeting Bank Central Asia (BCA) customers in Indonesia uses WhatsApp-based smishing to direct victims to fraudulent sites mimicking the KlikBCA login portal. Attackers aim to harvest User IDs, PINs, and KeyBCA token codes, enabling real-time, fraudulent transaction authorization. The attack is a “Token Interception” method, utilizing spoofed domains like klikbca-update.online to bypass …
Banco CUSCATLAN phishing page detected
A phishing campaign targeting Banco Cuscatlán users in El Salvador and Guatemala uses fraudulent “digital profile update” notifications to steal netbanking credentials and OTP codes. The attack, which directs victims to a pixel-perfect replica of the legitimate site, aims to perform real-time account takeovers via deceptive domains and urgent, alarming messaging. Customers are advised to …
Bank of America phishing page revealed
A June 2025 phishing campaign targeting Bank of America users employs a “Compliance & Maintenance” pretext, claiming an “incomplete profile update” to steal credentials and bypass two-factor authentication [1]. The fraudulent site, often hosted on deceptive domains, attempts to capture online banking IDs, passcodes, email credentials, and real-time one-time passcodes (OTP). Users should be wary …
Argenta Bank phishing page detected
A sophisticated phishing campaign targeting Argenta Bank customers in Belgium and the Netherlands utilizes fraudulent “Digipass synchronization” to perform real-time session hijacking and fund theft. Attackers use phishing sites to harvest login credentials and security codes, prompting users with fake urgent security alerts to bypass two-factor authentication. Argenta Bank “New Debit Card” PhishingTarget: Customers of …
BNP Paribas bank group phishing page revealed
A phishing campaign targeting BNP Paribas customers in Europe uses a “Restricted Access” pretext to steal credentials, mobile numbers, and digital tokens for the “Mon Compte” system. Attackers use sophisticated fake portals with fake virtual keypads, aiming to intercept real-time authorization codes to hijack online banking accounts. BNP Paribas “Digital Key Verification” PhishingTarget: Customers of …
Continue reading “BNP Paribas bank group phishing page revealed”
Bank Syariah Indonesia (BSI) phishing page detected
A phishing campaign targeting Bank Syariah Indonesia (BSI) customers leverages fake “system migration” or “new fee” notifications sent via SMS and WhatsApp to steal mobile banking credentials. The fraudulent sites prompt users to input their BSI Mobile phone number, 6-digit PIN, and OTP, allowing attackers to hijack accounts. Bank Syariah Indonesia (BSI) “New Service Fee” …
Continue reading “Bank Syariah Indonesia (BSI) phishing page detected”
Banco Bilbao Vizcaya Argentaria (BBVA) phishing page detected
A new phishing campaign targeting BBVA customers in Spain and Latin America uses SMS-based “account block” alerts to direct victims to a fraudulent site designed to harvest credentials and real-time SMS OTP codes. The attack leverages fear-based tactics, urging users to enter their ID, password, and mobile number on a fake “Acceso Clientes” portal to …
Continue reading “Banco Bilbao Vizcaya Argentaria (BBVA) phishing page detected”