THREAT ALERT: phishing campaign targeting banks

IT Security team of About You has discovered a phishing campaign targeting German banking institutions.

The main goal of these campaigns seems to be credential theft and further financial gain through accessing victim’s online banking.

The phishing links are distributed via SMS messages:

Upon further inspection we have found that these links lead to short-living web sites such as:

1. sxb1plvwcpnl497368[.]prod[.]sxb1[.]secureserver[.]net
2. zen-hugle[.]62–210–113–228[.]plesk[.]page
3. de-our[.]instawp[.]xyz

Other domains involved in this campaign:

1. dkb[.]tan2go[.]online
2. postbankfiliale[.]click
3. meine-postbank[.]info

The phishing page looks like the following:

This one in particular is impersonating the DKB bank, whose real URL is https://www.dkb.de/

This example above impersonates Post Bank.

Always check links that you are about to click and don’t fall victim to phishing attacks.

Did you like this article and are you a security engineer? We’re hiring!

https://corporate.aboutyou.de/en/jobs/application-security-engineer-for-hamburgs-first-unicorn-company