article thumbnail

SMS About Bank Fraud as a Pretext for Voice Phishing

Krebs on Security

Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.

Banking 358
article thumbnail

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Security Affairs

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. “Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. .

Banking 103

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice

The Hacker News

A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The archive ("Bank Handlowy w Warszawie

Banking 121
article thumbnail

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

The Hacker News

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said.

Banking 120
article thumbnail

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

The Hacker News

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January.

Banking 118
article thumbnail

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

The Hacker News

Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. Customers who have activated their digital

Banking 106
article thumbnail

When Bank Communication is Indistinguishable from Phishing Attacks

Troy Hunt

You know how banks really, really want to avoid their customers falling victim to phishing scams? And how they put a heap of effort into education to warn folks about the hallmarks of phishing scams? And how banks are the shining beacons of light when it comes to demonstrating security best practices? Ah, cheeky phisher!

Banking 239