Detects a phishing kit for the Bank of Nova Scotia (Scotiabank) targeting Spanish speaking users. Deployed often on replit.com.
title: Bank of Nova Scotia (Scotiabank) Phishing Kit TYnAqzTX
description: |
Detects a phishing kit for the Bank of Nova Scotia (Scotiabank) targeting Spanish speaking users.
Deployed often on replit.com.
references:
- https://www.scotiaonline.scotiabank.com/
- https://urlscan.io/result/1ec9979c-a03d-4466-9696-747e522b07d7/
- https://urlscan.io/result/cb65e495-fc75-4536-94be-7831e04c4124/
- https://urlscan.io/result/f3dd32bb-281d-4559-8679-2d287a26e7fd/
detection:
img:
html|contains|all:
- img src="img/war.svg"
- img src="img/ojo.svg"
- img src="img/depart.svg"
script:
html|contains:
- script src="js/funciones.js"
form:
html|contains:
- <form autocomplete="off" id="fusuario">
condition: img and script and form
tags:
- kit
- target.scotiabank