8FFR-00148-001 CSIRT warns activation of three fraudulent portals

Summary

The Computer Security Incident Response Team (CSIRT) has identified the activation of a fraudulent portal associated with an IP that supplants the official website of Banco de Chile, which could be used to steal credentials from users of that entity.

The above constitutes a falsification of the institutional brand that could affect users, customers and the mentioned banking entity.

 

Commitment Indicators

URLs

Cloned Site URL:

https[://]crazygirlinflipflops[.]com/wp-content/www[.]bancochile[.]cl/servicio/personas/www[.]bancoedwards[.]cl/Login[.]htm

https[://]chotanthanh[.]vn/documentation/www[.]bancochile[.]cl/servicio/personas/www[.]bancoedwards[.]cl/Login[.]htm

https[://]bienhoaoto[.]com/wp-content/www[.]bancochile[.]cl/servicio/personas/www[.]bancoedwards[.]cl/Login[.]htm

 

IP

150.95.114.81

 

Location

Hanoi, Ha Noi, Viet Nam

 

Recommendations

Avoid accessing the site indicated above and informing users about its existence, to prevent them from becoming victims of fraud.
Be cautious against this type of fraudulent pages.
Block in proxy or content control systems, towards the malicious URL
Evaluate the preventive blocking of commitment indicators
Keep all technology and threat detection platforms updated
Review the security controls of the AntiSpam and SandBoxing.