This phishing case targets Sparkasse customers in Germany using a sophisticated “PushTAN/S-ID-Check” scam. Attackers utilize smishing and email to direct users to fraudulent, pixel-perfect sites, harvesting credentials and using Man-in-the-Middle techniques to trick users into authorizing fraudulent device registration through the official app. Protection involves disregarding links, using only the official app, and carefully verifying …
Category Archives: Bank phishing
Interac phishing page detected
An Interac phishing campaign, often targeting Canadian bank customers, uses a sophisticated gateway to impersonate the instant money transfer system and harvest banking credentials, security questions, and OTP codes. Victims are lured via SMS or email to fake portals that perfectly clone major financial institutions to facilitate account takeovers. This phishing campaign targeting Canadian bank …
TD Bank phishing page revealed
A sophisticated TD Bank phishing campaign targets Canadian and US customers using fraudulent SMS and emails to harvest EasyWeb credentials, security answers, and real-time OTP codes. The phishing kit, dubbed “EasyWeb Security Update,” utilizes a high-fidelity clone of the login portal to bypass multi-factor authentication, with scammers aiming for full account takeover via stolen security …
Arvest bank phishing page detected
A high-fidelity Arvest Bank phishing campaign targets U.S. customers using SMS and email to steal credentials and intercept real-time MFA codes via fraudulent “sync” pages. Scammers use lookalike domains to trick users into providing login IDs, passwords, and security codes to bypass two-factor authentication, with official, manual access to arvest.com being the primary defense. This …
Swedbank phishing page revealed
A sophisticated Man-in-the-Middle (MitM) phishing campaign targeting Swedbank customers across the Baltic and Nordic regions, utilizing fraudulent Smart-ID and BankID authentication requests to steal credentials in real-time [1]. Attackers deploy malicious clones of the Swedbank login portal to harvest Personal Identity Numbers, phone numbers, and PINs, using them instantly on the legitimate site to hijack …
Banco Bradesco phishing page detected
A sophisticated Banco Bradesco phishing campaign targeting Brazilian users through fake “security re-registration” messages to steal account credentials and security tokens in real time. This critical-level threat employs lookalike domains and smishing to intercept Agency/Account numbers, PINs, CPF numbers, and mobile token codes for full account takeover. метода фишинга на основе скриншота? Чтобы люди были …
Banca Intesa phishing page detected
A phishing campaign targeting Banca Intesa Beograd customers uses fraudulent SMS and email messages to harvest login credentials and real-time SMS OTPs via a spoofed login page. This Man-in-the-Middle attack aims to steal credentials for the Banca Intesa Mobi app, with fake links often leading to lookalike domains rather than the official bancaintesa.rs site. This …
BAC Credomatic phishing page detected
A sophisticated phishing campaign targeting BAC Credomatic customers uses “Token Synchronization” to steal credentials and real-time OTP codes via fake banking portals, often distributed through Smishing or email. The attackers use high-fidelity clones of the bank’s portal to trick users into entering their username, password, and Código BAC, aiming to bypass multi-factor authentication for fraudulent …
Canada Post fake page detected
A Canada Post phishing campaign uses SMS and email, claiming an “incomplete address” to lure victims into paying a small fee on a fraudulent website. This scheme steals full name, address, and credit card details, including 3D-Secure codes, to facilitate larger fraudulent transactions. This Canada Post phishing campaign targets residents with fraudulent SMS/email alerts regarding …
Banco del Pacifico phishing page detected
This phishing campaign targeting Ecuador’s Banco del Pacífico uses a fake “Intermático Security Sync” page to steal online banking credentials, security challenge questions, and One-Time Passcodes (OTP). Scammers employ a “sync” pretext in emails or SMS, directing victims to a malicious website that mimics the legitimate site to bypass multi-factor authentication and gain full account …
Continue reading “Banco del Pacifico phishing page detected”