Why ThreatMark
Solutions
Solutions
- Scams & Social Engineering
  Intercept deceptive schemes and protect customers from scams.
- Phishing Detection & Mitigation
  Mitigate financial fraud with an proactive defense against phishing attacks.
  - Credential Theft
- Account Takeover
  Prevent unauthorized access and safeguard customer accounts.
- Money Mules
  Identify money mule accounts before fraudster can cover their tracks.
- New Account Fraud
  Detect new account fraud with advanced behavioral biometrics.
- Transaction Risk Analysis
  Balance security and UX with the application of stringent security measures.
- Department
  ThreatMark supports the unspoken heroes in the fight against fraud.
ThreatMark Platform
ThreatMark Platform
- Behavioral Intelligence Platform
  Bolster fraud prevention with constant monitoring of the now.
- Smart Insights
  Gain expert insight for accurate detections and fewer false positives.
- Cyber Fraud Fusion Center
  Cyber Fraud Fusion Center stands at the forefront of fighting cyber threats.
Modern fraud demands a modern solution.

In this world of constantly increasing fraud threats, we’ve reimagined protection. Combining transaction risk analysis, threat detection, and user behavior profiling capabilities in one integrated platform.
Resources
Resources
- Resources
- Insights
Bringing trust to the digital world

The landscape of cyber threats is constantly evolving; stay ahead of the curve with ThreatMark.
Company
Company
Built to disrupt the fraud infrastructure.

Fraudsters don’t stand still, so neither do we.

Talk to a fraud fighter

Home Insights Fourteen European Banks targeted by a complex phishing campaign – ROT Alert

Fourteen European Banks targeted by a complex phishing campaign – ROT Alert

November 5, 2021

Last week our SOC team has discovered an elaborate phishing campaign targeting 14 Czech banks with different vectors abusing concerns about Bohemia Energy, electricity and gas supply; and rising energy prices.

The web pages mimic Česká Spořitelna & Czech Post pages to scam (old Bohemia Energy) users into leaving their online banking credentials so they can set up new automated payments to get some better prices.

Our research indicates that these (and those we previously reported) phishing campaigns are produced by the same actor/actors.

Although we’ve taken some steps to mitigate the phishing URLs, similar are being published daily. We urge banks to further educate their users about this threat.

This campaign is done from 2 different vectors: Česká Spořitelna & Czech Post pages.

Upon visiting the phishing site the user is welcomed by this screen which promises to transfer money in 2 installments to the user’s account:

Other page uses Czech Post branding for the same purpose:

Ultimately, upon venturing further the users are presented 14 different fake banking portals which are used to steal the credentials.

The full report, with technical details, screenshots and URLs is available on request and to ThreatMark’s Ring of Trust members.

If you wish to double check the technical details and want to receive the phishing URL, write to ringoftrust@threatmark.com.

Mitigation steps undertaken

Our SOC team has already taken some mitigation steps by reporting the phishing URL to Safe Browsing, reporting it to the domain registrar and the hosting provider.

Our recommendation

We recommend you alert your users that there’s an active phishing campaign offering money in 2 installments while emulating web pages featuring: Česká spořitelna and Česká Pošta (including their Pohlednice Online service branding) and fake banking gateways.

Depending on the capabilities of your existing security solution, try to find out which of your users have visited the phishing URL prior to coming to your site.

If you need help and require more details about this campaign please write us to ringoftrust@threatmark.com.

About Ring of Trust (RoT)

ThreatMark’s Ring of Trust (RoT)–is an invite-only initiative that aims to combat phishing frauds in the banking industry with a community approach: by sharing cyber threat intelligence among the members and disseminating the information for a faster and timely response.

The essence of the initiative is to combine intelligence and fight phishing scams from a common ground. Fraudsters work together to perpetuate fraud. We believe that the same approach works for preventing fraud as well.

At the core of the Ring of Trust is ThreatMark’s advanced fraud prevention solution complemented by a team of cybersecurity & fraud analysts from our Security Operations Center. Our technology uses various on-page and off-page methods to detect wide array of threats across digital channels. All detections are categorized and added to our Threat Intelligence systems for easier mitigation and future detections.

All Ring of Trust members benefit from this intelligence and a shared mission to combat fraud. We invite everyone to share with us all discovered phishing campaigns targeting banks with so we can facilitate mitigation and alert the Ring for significant threats.

Ring of Trust is an invite-only initiative. Interested parties can reach out for consideration at ringoftrust@threatmark.com.