A newly emerged phishing threat known as V3B is currently targeting users of European banks, presenting a significant danger to the security of financial information. These phishing kits, readily accessible on the dark web, provide cybercriminals with a suite of tools to orchestrate sophisticated attacks, ranging from the creation of counterfeit login pages to the dissemination of malware.
As highlighted by Resecurity’s recent report, the V3B kit, marketed on Telegram by an individual operating under the pseudonym “Vssrtje,” has already garnered a following of over 1,255 adept fraudsters, with prices ranging between $130 and $450 per month. V3B operates by intercepting sensitive data such as login credentials and one-time passwords (OTPs) through the implementation of social engineering tactics.
It comprises two primary components: a scenario-based credential interception system and counterfeit online banking authorization pages, meticulously crafted to replicate the interfaces of EU banking and e-commerce systems. Furthermore, the kit boasts a plethora of advanced features, including multi-language templates, anti-bot measures, live chat support, and compatibility with OTP/TAN/2FA authentication methods.
By facilitating real-time interaction with victims, V3B enables cybercriminals to manipulate user actions, gain unauthorized access, and execute fraudulent transactions. To effectively defend against V3B phishing attacks and safeguard personal financial assets, users are strongly encouraged to exercise caution when scrutinizing email sender addresses, refrain from disclosing sensitive information on unfamiliar websites, and opt for multi-factor authentication (MFA) wherever feasible.
Reference:
