In Segu-Info they have reported a royal mail sent by the Santander Ro bank that has all the typical characteristics of a phishing.
As can be seen in the following screenshots, a strange link that at first glance has no relationship with the bank, as if this were not enough the page that is accessed request personal data such as name, surname, document, sex, e-mail and type of account:
Legitimate mail sent by Santander Ro Legitimate page of Santander Ro
Any user with common sense will ignore this message and treat it as a phishing attempt. The domain is super suspicious –special-invitation?– and also requests data that the bank should already have.
In response to a query made by a client, Santander replied that the email was legitimate and that it was an advertising campaign.
This type of practice trash all awareness work and even contradicts its own security recommendations, on the bank's website you can read the following:
(click to see larger)
But Santander is not the only one, many entities make these mistakes (see The Epsilon Phishing Model) and they use confusing, strange and difficult to remember URLs.