Customers of the Unicredit and Intesa Sanpaolo banks have been targeted by quite ingenious phishing attempts.
This was revealed by Bitdefender Antispam Lab, a leading IT security company.
Intesa Sanpaolo phishing attack
The first phishing campaign was launched between 23 and 24 June and targeted customers of the Intesa Sanpaolo bank. The victims received an email that looked like it came from the bank in terms of appearance and logos.
The e-mail informed the unfortunate victims that their bank accounts and credit cards had been blocked and were currently unusable. The text also explained the reason for the suspension: the customer had ignored a previous request from the bank to carry out a mandatory check on his or her online banking profile. According to the e-mail, everything could be solved by filling in the data in the bank’s registration portal.
This leads the victims to a portal where they leave their data, doing exactly what the hackers expect.
The Unicredit case
A similar scam was set up for Unicredit between 28 and 30 June. Here again, the aim of the hackers is to create panic among customers by making them believe that their bank accounts and credit cards are blocked and that, to unblock them, they need to enter their personal data.
How to recognize phishing emails from banks
What fooled the users who received the phishing emails was the fact that the logos, layout and text were so perfect that they thought the sender was their bank.
Bitdefender noted that the IPs were from Japan, and the attack lasted only a few days to allow the cybercriminals to disappear.
Other scams are likely to be organized using the same system but with the names of other banks.
Fraud of this kind has increased considerably, both with the Covid-19 pandemic and with the growing use of mobile banking, which has been accelerated by the pandemic.
A few simple pieces of advice remain valid: always beware of emails asking you to enter your personal data. If in doubt, contact your bank.