Last updated December 5th, 2023 23:55
If you have an account with the popular bank, Air Bank, be very cautious about the emails you are currently receiving in your inbox. You could be a target of an attack being spread through email. So, what does the new phishing attack targeting Air Bank look like and how can you recognize it? Let’s take a closer look.
New phishing attack targeting Air Bank
Vážený zákazníku, (libovolna-mailova@adresa),
nedávno jsme Vás informovali, že se chystáme zrušit Vaši aplikaci My Air Dlouhou dobu ji nepoužíváte a zdá se, že o ni nestojíte. Připomínáme, že výpovědní lhůta uplyne dne 14.7.2023, poté budou vaše aplikaci My Air ukončeny.
Chcete svoji aplikaci My Air používat dál?
To budeme moc rádi. Přihlaste se do služby Internetového Bankovnictví pomocí tlačítka níže a postupujte podle požadovaných kroků:
Phishing once again relies on social engineering to evoke a sense of urgency in the user, making them believe that something will be canceled by their bank. Since the majority of the bank’s customers use the mobile banking application, the email urges them to log in to their banking account using a button provided within the email.
However, this button does not lead to the bank’s official website or its online banking platform. Instead, it leads to a fraudulent domain:
https://www.xn--adam-mhle-v9a.at/willkommen/files/overlay-images/rd/
What to do if you receive such an email?
First and foremost, it is crucial to remain calm. No one, especially the bank itself, will cancel your application or revoke your access to online banking. The email is written in relatively good Czech, indicating that the attacker likely used artificial intelligence to generate the text. Unlike previous translation tools, this AI is capable of producing relatively well-formed Czech sentences. Inattentive readers may not notice subtle details and typos.
Additionally, the email deceitfully attempts to appear as if it were sent from the address info@airbank.cz. However, the truth is quite different. Due to the bank’s domain’s SPF record, this would be highly unlikely.
Please review the following details that you should take note of:
A few guidelines to follow if you receive such an email:
- Do not click on any links.
- Carefully verify the sender’s email address.
- If you hover your mouse cursor over a button without clicking it, you can see the destination address in the status bar.
- If you copy the address using the right mouse button, you can verify it at https://virustotal.com.
- If you have any doubts, call your bank’s customer support before taking any action.
I have dedicated a separate article to fraudulent emails. If you have any concerns, learn to recognize such emails at an early stage. You can find the article here: Proven and Best Method for Easily Identifying a Fraudulent Email.
The website is created with care for the included information. I strive to provide high-quality and useful content that helps or inspires others. If you are satisfied with my work and would like to support me, you can do so through simple options.
Subscribe to the Newsletter
Stay informed! Join our newsletter subscription and be the first to receive the latest information directly to your email inbox. Follow updates, exclusive events, and inspiring content, all delivered straight to your email.
