TLDR
Researchers at SANS ISC observed a phishing wave targeting customers of a major Belgian bank (Belfius). The email looks like a standard banking login prompt, but the malicious link uses an obfuscation trick: it is written as an IPv6...
Como funciona
Researchers at SANS ISC observed a phishing wave targeting customers of a major Belgian bank (Belfius). The email looks like a standard banking login prompt, but the malicious link uses an obfuscation trick: it is written as an IPv6...
Señales de alerta
- URL uses an IP literal in square brackets rather than a bank domain. Sender urges login via link in email instead of typing the bank URL. Final destination is on a generic qzz.io subdomain mimicking bank login pages
Qué hacer
- 1Never click banking links from emails
- 2open the bank site manually. Report suspicious bank themed messages to your bank and block the sender. Enable hardware key or app based 2FA so a stolen password is not enough
Fuente
FAQ
Es eBanking Phishing Hides Behind IPv4 Mapped IPv6 Address (Belfius) una estafa real?
Si. Trata el mensaje, la llamada o la solicitud de pago como sospechosos hasta que los verifiques por un canal oficial.
Cuales son las primeras senales?
URL uses an IP literal in square brackets rather than a bank domain. Sender urges login via link in email instead of typing the bank URL. Final destination is on a generic qzz.io subdomain mimicking bank login pages
Que debo hacer primero?
Never click banking links from emails; open the bank site manually. Report suspicious bank themed messages to your bank and block the sender. Enable hardware key or app based 2FA so a stolen password is not enough
Puede LegalAudit revisar mi caso?
Si. Abre el chat gratis y pega el mensaje, el enlace, el remitente o los datos de pago para un triage.