NEW YORK—Cybercriminals are targeting European banking clients with a phishing-as-a-service platform that retails for between $130 and $450 per month and allows fraudsters to bypass multifactor authentication, according to a new report.
Security researchers found a phishing kit they named V3B that has been operational since March 2023 and that allows fraudsters to mimic more than 50 financial institutions across the continent, Bank Info Security reported.
“The phishing kit's retail price depends on the modules and supported banks included. It enables fraudsters to employ social engineering and spoofing tactics to trick victims into revealing sensitive information in order to intercept banking credentials and credit card details,” the Bank Info Security report states.
The report added that a threat actor named "Vssrtje" promotes the kit on Telegram and dark web communities.
Researchers estimate hundreds of cybercriminals use this kit, resulting in significant financial losses for European banking customers. The Telegram channel associated with this group has more than 1,255 members, Bank Info Security said.
What’s Included in Kit
According to Bank Info Security, the V3B phishing kit:
- Is designed to evade detection and supports real-time interaction to bypass MFA.
- In addition to traditional tokens such as SMS codes, it handles QR Codes and PhotoTAN methods. PhotoTAN is a second-factor authentication app common in Germany and Switzerland that provides transaction authentication numbers by scanning pixelated graphics
- Includes advanced obfuscation techniques and anti-bot measures to avoid detection
- Supports the interception of credit card data. Recently, developers released a module to support International Card Services with templates in Dutch, Bank Info Security said.
- Features include multicountry targeting, encrypted code, mobile and desktop interfaces, and live chat with victims.
How to Sign Up For the Best Daily News Email in Credit Unions? (It’s Free!)
Every workday CUToday.info delivers the most comprehensive, freshest daily newsletter with the day’s news headlines, including links to the related articles. The Fresh Today newsletter is the most timely, relevant and widely-read source of news and information in the CU community. And it’s free!
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties,
And did we mention it’s free?