The National Bank Is Again Being Used By Scammers To Pwn Unsuspecting Victims In A Very Clever Way
My honeypot is getting a lot of action over the last week. I say that because it has led me a threat actor who has used Questrade and then Wealthsimple along with TD and finally the National Bank to try and phish credentials from you in order to presumably drain your bank account.
Today it seems that National Bank are again the target of threat actors who are tying to phish you. And what is interesting about this phishing campaign is that it directly mentions phishing campaigns. See for yourself:
That is an email that I received in my honeypot this morning. Now if it is the same threat actors that are behind the other phishing emails, this is pretty clever. They appear to banking on the fact that people might have gotten a few of their previous emails and recognized that they are phishing attempts. Thus they might be more receptive to this one offering to do “cybersecurity verification.” Whatever that is. I say that because there’s a lot of mumbo jumbo in here that has little to no basis in reality. Since it doesn’t name the recipient, and it comes from an non National Bank email address as evidenced by this:
Then you can be 100% sure that it is a phishing email. And in case you were wondering, this is the site that they send you to if you click the link:
This is one of those high quality replications of the website that I saw with the previous phishing scam. The only thing that gives it away is that the URL is clearly not the National Bank. Which makes me believe that the same threat actors are behind this new campaign. What that shows is that these threat actors are evolving. Which means that you need to evolve to avoid being their next victim.
This entry was posted on November 10, 2025 at 1:41 pm and is filed under Commentary with tags Scams. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
The National Bank Is Again Being Used By Scammers To Pwn Unsuspecting Victims In A Very Clever Way
My honeypot is getting a lot of action over the last week. I say that because it has led me a threat actor who has used Questrade and then Wealthsimple along with TD and finally the National Bank to try and phish credentials from you in order to presumably drain your bank account.
Today it seems that National Bank are again the target of threat actors who are tying to phish you. And what is interesting about this phishing campaign is that it directly mentions phishing campaigns. See for yourself:
That is an email that I received in my honeypot this morning. Now if it is the same threat actors that are behind the other phishing emails, this is pretty clever. They appear to banking on the fact that people might have gotten a few of their previous emails and recognized that they are phishing attempts. Thus they might be more receptive to this one offering to do “cybersecurity verification.” Whatever that is. I say that because there’s a lot of mumbo jumbo in here that has little to no basis in reality. Since it doesn’t name the recipient, and it comes from an non National Bank email address as evidenced by this:
Then you can be 100% sure that it is a phishing email. And in case you were wondering, this is the site that they send you to if you click the link:
This is one of those high quality replications of the website that I saw with the previous phishing scam. The only thing that gives it away is that the URL is clearly not the National Bank. Which makes me believe that the same threat actors are behind this new campaign. What that shows is that these threat actors are evolving. Which means that you need to evolve to avoid being their next victim.
Share this:
Like this:
Related
This entry was posted on November 10, 2025 at 1:41 pm and is filed under Commentary with tags Scams. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.