En bref
Researchers at SANS ISC observed a phishing wave targeting customers of a major Belgian bank (Belfius). The email looks like a standard banking login prompt, but the malicious link uses an obfuscation trick: it is written as an IPv6...
Comment ca fonctionne
Researchers at SANS ISC observed a phishing wave targeting customers of a major Belgian bank (Belfius). The email looks like a standard banking login prompt, but the malicious link uses an obfuscation trick: it is written as an IPv6...
Signaux d'alerte
- URL uses an IP literal in square brackets rather than a bank domain. Sender urges login via link in email instead of typing the bank URL. Final destination is on a generic qzz.io subdomain mimicking bank login pages
Que faire
- 1Never click banking links from emails
- 2open the bank site manually. Report suspicious bank themed messages to your bank and block the sender. Enable hardware key or app based 2FA so a stolen password is not enough
Source
FAQ
eBanking Phishing Hides Behind IPv4 Mapped IPv6 Address (Belfius) est une vraie arnaque ?
Oui. Traitez le message, l'appel ou la demande de paiement comme suspect jusqu'a verification via un canal officiel.
Quels sont les premiers signaux ?
URL uses an IP literal in square brackets rather than a bank domain. Sender urges login via link in email instead of typing the bank URL. Final destination is on a generic qzz.io subdomain mimicking bank login pages
Que faire en premier ?
Never click banking links from emails; open the bank site manually. Report suspicious bank themed messages to your bank and block the sender. Enable hardware key or app based 2FA so a stolen password is not enough
LegalAudit peut-il verifier mon cas ?
Oui. Lancez le chat gratuit et collez le message, le lien, l'expediteur ou les details de paiement.