contadores de paginas web Saltar al contenido

Now the phishing is from Banco Comercial de Uruguay

comercial-php

A few hours ago he was commenting on a phishing case against Banco Repblica that had misled a few clients, now the attack is against another bank in Uruguay. The mail that is circulating has the following aspect:

Fake email that pretends to be from Banco Comercial

The link, as you can see from the screenshot, points to a .de domain (Germany) that loads a file called comercial.php. From there a redirection is made to the false page that simulates that of the bank.

The phishing kit used is the same, they are even using the same server that was affected by the attack on Brou. In the following screenshot you can see that the .php file was last modified yesterday:

comercial.php modified on October 12

At the time of writing this post the server where the false page is located is not responding, and it is already being blocked by anti-phishing filters:

Fake page blocked by browser

It is possible that in the next few days variants of other entities will continue to appear, be careful and remember that banks never request personal information or update it through emails. If by mistake you fall into the trap, inform the bank and change your password as soon as possible.

Thanks Liber for sending it.