Monzo customers in the UK are targeted with an SMS-based phishing campaign, aimed at stealing their bank accounts.
With a bunch of Monzo-themed websites, the threat actors are seen sending SMS to customers with malicious links in it. The campaign is made to compromise the bank-linked email account, and finally, the bank account even if it’s protected by 2FA.
Phishing Campaign Targeting Monzo Customers
Monzo is a UK-based digital bank launched in 2015, offering a full-on online banking service through its feature-rich app and virtual debit cards processed by MasterCard. With a fair base of over four million customers, threat actors targeting Monzo’s digital base should be expected.
And it’s happening, as spotted by William Thomas, a security researcher. As per him , an SMS-based phishing campaign is in the wild, aimed at stealing the Monzo bank accounts . This starts with an SMS purported to be coming from Monzo, asking to click on a link for verifying an account or reactivating the current one.
???? FRAUD ALERT: PHISHING SCAMS ???? Is that text from your bank, actually from your bank? ???? We’d never send you a link to verify your account via text, or ask you to log in to a website to confirm any account details. Here are the red flags of a phishing scam… THREAD???? pic.twitter.com/e71TscTLMw — Monzo (@monzo) February 16, 2022
