Data Security, Phishing, Privacy

Attacks with V3B phishing kit set sights on EU banking customers

Phishing email

Fifty-four leading banking organizations in Austria, Belgium, Finland, France, Germany, Greece, Ireland, Italy, Luxembourg, and the Netherlands had their customers subjected to attacks with the novel V3B phishing-as-a-service platform, which is being increasingly accessed by threat actors via Telegram, according to BleepingComputer.

Developed on a custom CMS, the V3B phishing kit not only features phishing pages translated into several languages but also enables the interception of one-time passwords and banking account details, which are then exfiltrated using the Telegram API, a report from Resecurity revealed. Aside from allowing QR code generation for phishing pages, V3B also features Smart ID and Photo TAN support aimed at evading Swiss and German banks' authentication methods.

"…[T]he fact that fraudsters have started to implement support of alternative OTP/TAN validation mechanisms, rather than relying solely on traditional SMS-based methods, may confirm the challenges that fraud prevention teams will face in combating account takeover for both private and corporate customers," researchers said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.