July 1, 2019

Lookout Phishing AI Discovers Mobile-Only Banking Campaign

No items found.
Threat Type
Entry Type
Threat Summary
Discovered By
Threat Type
Platform(s) Affected
Threat Summary

Key Facts

  • This is a mobile-only phishing campaign.
  • Works by guiding bank customers through false account validation.
  • All institutions with potentially affected customers were notified upon discovery.

Background and Discovery Timeline

In early 2020, Lookout Phishing AI discovered a malicious phishing campaign targeting North American banking and financial institutions with a particular focus on customers of Canadian-based organizations. The campaign clearly targets mobile users, as it spreads via SMS messages and leads users to fake login pages built for mobile browsers. The back end of the campaign shows that the attacker built a tool to easily blast an SMS message to as many phone numbers as they want, which further indicates a mobile-first attack strategy.

Capabilities and Affected Parties

Lookout researchers dove deeply into this campaign and were able to access the front-end platform that the attackers used to blast SMS messages to potential victims. These messages contain links to fake login pages that appear legitimate. If the victim is tricked, the attacker steals banking credentials by guiding the victims through a number of security questions such as verifying their account number or asking for their card’s expiration date. With that information, they can easily surpass security questions and steal from the victim’s account.

Colleagues standing in an open meeting area and sharing a humorous moment

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Other Related Threats


September 15, 2023

Scattered Spider

Scattered Spider, aka UNC3944, was able to successfully target and gain access to the infrastructure of Caesars Entertainment in its latest campaign

July 19, 2023

Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41

January 3, 2023

How Scammers Are Impersonating Singapore Post and Singtel With Phishing Messages