Cyber crime against Colombian bank through phishing
A phishing campaign targeting users in Colombia supplants the identity of a well-known financial institution for the purpose of stealing access credentials and data from credit and debit cards
Recently, a phishing site supplanted the identity of a famous bank in Colombia showing it even complies with the requirement of having an SSL certificate which makes the user believe that the site offers greater protection for navigation and income data.
The fake email received by the victim informs that access to the different channels was blocked for security invites the users to re-establish access to their account in order to use the services normally.
If the client receives the mail and decides to enter the link in the email he is directed to a cloned page of the bank where all the links connect to the official website of the company except the user and password entry buttons.
The main characteristic of the site is that it has a certificate, which can be seen to the left of the domain with a closed padlock and the “https” sign before the domain.
In case the client falls for the deception, access the page and enter his document number and password he will find the cloned page where cybercriminals try to go a step further to steal the credit or debit card data of the victim.
L.Sáenz
Source: Welivesecurity
