- This type of campaign is not new for CERT-AGID; the last report dates back to October 5, 2023, while the previous one was on May 25, 2023.
- Although the methods and domains used may vary each time, the purpose remains constant: to induce victims to provide their login credentials by promising a fictitious refund and asking them to select one of the 20 listed banks.
Source: Original Post