A high-fidelity Arvest Bank phishing campaign targets U.S. customers using SMS and email to steal credentials and intercept real-time MFA codes via fraudulent “sync” pages. Scammers use lookalike domains to trick users into providing login IDs, passwords, and security codes to bypass two-factor authentication, with official, manual access to arvest.com being the primary defense. This …
Category Archives: Bank phishing
Swedbank phishing page revealed
A sophisticated Man-in-the-Middle (MitM) phishing campaign targeting Swedbank customers across the Baltic and Nordic regions, utilizing fraudulent Smart-ID and BankID authentication requests to steal credentials in real-time [1]. Attackers deploy malicious clones of the Swedbank login portal to harvest Personal Identity Numbers, phone numbers, and PINs, using them instantly on the legitimate site to hijack …
Banco Bradesco phishing page detected
A sophisticated Banco Bradesco phishing campaign targeting Brazilian users through fake “security re-registration” messages to steal account credentials and security tokens in real time. This critical-level threat employs lookalike domains and smishing to intercept Agency/Account numbers, PINs, CPF numbers, and mobile token codes for full account takeover. метода фишинга на основе скриншота? Чтобы люди были …
Banca Intesa phishing page detected
A phishing campaign targeting Banca Intesa Beograd customers uses fraudulent SMS and email messages to harvest login credentials and real-time SMS OTPs via a spoofed login page. This Man-in-the-Middle attack aims to steal credentials for the Banca Intesa Mobi app, with fake links often leading to lookalike domains rather than the official bancaintesa.rs site. This …
BAC Credomatic phishing page detected
A sophisticated phishing campaign targeting BAC Credomatic customers uses “Token Synchronization” to steal credentials and real-time OTP codes via fake banking portals, often distributed through Smishing or email. The attackers use high-fidelity clones of the bank’s portal to trick users into entering their username, password, and Código BAC, aiming to bypass multi-factor authentication for fraudulent …
Canada Post fake page detected
A Canada Post phishing campaign uses SMS and email, claiming an “incomplete address” to lure victims into paying a small fee on a fraudulent website. This scheme steals full name, address, and credit card details, including 3D-Secure codes, to facilitate larger fraudulent transactions. This Canada Post phishing campaign targets residents with fraudulent SMS/email alerts regarding …
Banco del Pacifico phishing page detected
This phishing campaign targeting Ecuador’s Banco del Pacífico uses a fake “Intermático Security Sync” page to steal online banking credentials, security challenge questions, and One-Time Passcodes (OTP). Scammers employ a “sync” pretext in emails or SMS, directing victims to a malicious website that mimics the legitimate site to bypass multi-factor authentication and gain full account …
Continue reading “Banco del Pacifico phishing page detected”
Sabadell bank phishing page detected
A phishing campaign targeting Banco Sabadell users in Spain employs SMS and email, mimicking a security update to steal credentials and Digital Signature (Firma Digital) codes. The attack uses lookalike domains, such as sabadell-online-seguridad.net or acceso-bancosabadell.com, to redirect victims to a Man-in-the-Middle site designed to harvest login data and authorize fraudulent transfers in real-time. A …
Crédit Mutuel de Bretagne (CMB) bank phishing page detected
Crédit Mutuel de Bretagne (CMB) “Security Key” PhishingTarget: Customers of Crédit Mutuel de Bretagne (France / Brittany region)Threat Level: Critical (Real-time Account Takeover & “Clé Digitale” Hijacking)Phishing Method DescriptionThis attack targets users of the CMB Online Banking and the “CMB suivi de compte” mobile app. Scammers use a “Security Alert” pretext, sending out Smishing (SMS) …
Continue reading “Crédit Mutuel de Bretagne (CMB) bank phishing page detected”
Raiffeisen bank phishing page detected
Raiffeisen Bank “Digital Security Update” PhishingTarget: Raiffeisen Bank Customers (Central and Eastern Europe)Threat Level: Critical (Raiffeisen Identity & Digital Token Theft)Phishing Method DescriptionThis attack targets users of the Raiffeisen Online Banking and the Digital ID apps. Scammers distribute urgent notifications via SMS (Smishing) or Email, claiming that “New Security Regulations” or a “System Maintenance” requires …