The fake DitchIt card verification scam is a high-level phishing threat targeting users on classified marketplaces, utilizing fake, secure-looking checkout pages to steal full credit card details and cardholder information. This fraud technique often involves directing users off-platform, requesting balance verification, and harvesting data to drain user accounts. Target: Users of DitchIt (Marketplace & Resale …
Continue reading “Fake Ditchit card verification page detected”
A high-fidelity phishing campaign targeting United Overseas Bank (UOB) users in Southeast Asia utilizes fraudulent SMS and email links to harvest login credentials and SMS OTPs through cloned websites. These sites, often using lookalike domains like “uob-security-update.com,” aim to steal credentials and authorize fraudulent transactions by mimicking the UOB TMRW app or web portal. The …
Continue reading “United Overseas Bank Limited (UOB) phishing page revealed”
Scammers are targeting UK drivers with a fake DVLA vehicle tax renewal phishing campaign designed to steal personal and financial details. The attack uses urgent SMS or email messages to drive victims to a convincing, counterfeit GOV.UK site that demands payment and sensitive security information to avoid bogus fines. To stay safe, ignore unexpected notifications, …
A phishing campaign targeting ADAC members uses fake “membership issue” emails to direct victims to a cloned portal designed to steal personal and credit card data. The scam creates urgency by warning of payment failures, exploiting trust in the German automobile association to steal login credentials and financial details. Fake ADAC “Membership Payment Update” PhishingTarget: …
Continue reading “Fake ADAC email detected (Allgemeiner Deutscher Automobil-Club)”
A phishing campaign impersonating the Austrian Health Insurance Fund (ÖGK) is targeting residents via SMS and email with fraudulent refund claims to steal personal information and banking credentials. The attack leads to a cloned portal designed to capture identity data, credit card details, and bank login information. Austrian Health Insurance Fund (ÖGK) “Tax/Health Refund” ScamTarget: …
A Canada Post phishing campaign uses SMS and email, claiming an “incomplete address” to lure victims into paying a small fee on a fraudulent website. This scheme steals full name, address, and credit card details, including 3D-Secure codes, to facilitate larger fraudulent transactions. This Canada Post phishing campaign targets residents with fraudulent SMS/email alerts regarding …
Blocket “Safe Payment / Shipping” PhishingTarget: Buyers and Sellers on Blocket (Sweden)Threat Level: Critical (Bank Account Takeover & BankID Hijacking)Phishing Method DescriptionThis attack targets users of the Swedish marketplace Blocket. Scammers usually contact a seller or buyer via WhatsApp or SMS, claiming they want to use “Blocket Paket” (shipping service) or a fake “Direct Payment” …
The link above leads to the phishing site: DHL Package Delivery Scam (Smishing/Email Phishing) This phishing campaign impersonates the international shipping company DHL. The email informs the recipient that a package cannot be delivered due to a problem with the address or a failed delivery attempt, creating a sense of urgency. How it works:The email …
Etsy Seller Payment Scam (Fake Order Notification) This phishing page is designed to target Etsy sellers by impersonating a legitimate order notification. The page mimics Etsy’s interface and claims that a buyer has purchased an item—in this case, “Jeans schwarz mit …” for €79.50—and that the payment is awaiting release. How it works:The victim (an …
A sophisticated phishing campaign impersonating the United States Postal Service (USPS) is targeting residents with fraudulent SMS and emails claiming an “incomplete address” for package delivery. Victims are directed to a cloned website that steals personal information and credit card details, including CVV and 3D-Secure codes, by prompting for a small re-delivery fee. This phishing …
Continue reading “Fake USPS tracking page has been detected”
