Scam Watch

How do you recognize eBanking Phishing Hides Behind IPv4 Mapped IPv6 Address (Belfius)?

Summary

Researchers at SANS ISC observed a phishing wave targeting customers of a major Belgian bank (Belfius). The email looks like a standard banking login prompt, but the malicious link uses an obfuscation trick: it is written as an IPv6...

How it works

Researchers at SANS ISC observed a phishing wave targeting customers of a major Belgian bank (Belfius). The email looks like a standard banking login prompt, but the malicious link uses an obfuscation trick: it is written as an IPv6...

Warning signs

  • URL uses an IP literal in square brackets rather than a bank domain.
  • Sender urges login via link in email instead of typing the bank URL.
  • Final destination is on a generic qzz.io subdomain mimicking bank login pages.
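
One way a mail filter could surface the first warning sign, as an added example that is not from the SANS ISC diary or this page: it extracts URLs from a message body, flags any whose host is an IP literal, and decodes IPv4-mapped IPv6 forms to the underlying IPv4 address. The sample message, the function names and the addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample message body; all addresses are documentation ranges.
SAMPLE_EMAIL = """\
Dear customer, please confirm your card reader:
http://[::ffff:192.0.2.45]/login
http://[::ffff:c000:22d]/login
https://[2001:db8::1]/portal
https://www.example.com/help
http://198.51.100.7/secure
"""

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def classify_url(url):
    """Return (kind, address) if the URL host is an IP literal, else None."""
    try:
        host = urlsplit(url).hostname
    except ValueError:
        # Bracketed host that is not a valid IPv6 literal: worth flagging too.
        return ("malformed-host", "")
    if not host:
        return None
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return None  # ordinary DNS hostname
    if ip.version == 6 and ip.ipv4_mapped is not None:
        # ::ffff:a.b.c.d and ::ffff:hhhh:hhhh both wrap a plain IPv4 address.
        return ("ipv4-mapped-ipv6", str(ip.ipv4_mapped))
    return (f"ipv{ip.version}-literal", str(ip))


def scan(text):
    """Return (url, kind, address) for every IP-literal URL found in text."""
    findings = []
    for url in URL_RE.findall(text):
        result = classify_url(url)
        if result:
            findings.append((url, *result))
    return findings


if __name__ == "__main__":
    for url, kind, addr in scan(SAMPLE_EMAIL):
        print(f"{kind:18} {addr:15} {url}")
```

Reporting the decoded IPv4 address lets existing IPv4 blocklists and reputation lookups apply to a link that was written in IPv6 form.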

What to do

  1. Never click banking links from emails.
  2. Open the bank site manually.
  3. Report suspicious bank-themed messages to your bank and block the sender.
  4. Enable hardware key or app-based 2FA so a stolen password is not enough.

Source

sans-isc

Source verified by the Mythos Forensic Team

https://isc.sans.edu/diary/rss/33090

FAQ

Is eBanking Phishing Hides Behind IPv4 Mapped IPv6 Address (Belfius) a real scam pattern?

Yes. Treat the message, call or payment request as suspicious until an official channel confirms it.

What are the first warning signs?

URL uses an IP literal in square brackets rather than a bank domain. Sender urges login via link in email instead of typing the bank URL. Final destination is on a generic qzz.io subdomain mimicking bank login pages.

What should I do first?

Never click banking links from emails; open the bank site manually. Report suspicious bank-themed messages to your bank and block the sender. Enable hardware key or app-based 2FA so a stolen password is not enough.

Can LegalAudit review my case?

Yes. Start the free chat and paste in the message, link, sender or payment details.