Skip to Content
Banking phishing scams
© Dr911 |
Security & privacy

New banking scam: Warning for Bank of America, Citi and Wells Fargo customers

Cybercriminals often scour a website’s code, figuring out how to infiltrate the data. When they discover vulnerabilities or security weaknesses, they launch attacks with devastating consequences. Tap or click here to see how the personal details of 5.4M Twitter users leaked.

Other times, hackers take a back seat to the action. Instead, they sell their tools to other criminals who use them to commit cybercrimes. Taking a page from legitimate companies, hackers promote their wares as Malware as a Service (MaaS). But a new twist that includes phishing is now here.

Read on for the latest cybercrimes against banks using PhaaS and what you can do about it.

Here’s the backstory

Software as a service (SaaS) is a legit business model. Popular SaaS products include productivity tools such as Trello and Slack. In addition, Microsoft’s Office 365, Adobe Creative Cloud and Google Workspace are all seen as software as a service.

Regarding cybercrime, a relatively new tool is Phishing as a Service (PhaaS), where hackers sell their phishing software to criminals for a monthly fee. Unfortunately, one of these PhaaS attacks is rampant in the U.S., targeting Citibank, Bank of America, Capital One, and Wells Fargo customers.

According to the cybersecurity company IronNet, “Robin Banks is a ready-made phishing kit aiming to gain access to the financial information of individuals residing in the U.S., as well as the U.K., Canada, and Australia.”

A phishing scam is when criminals send text messages or emails to potential victims hoping to trick them into handing over their banking information. The emails are often designed to mimic authentic banking communications but contain malicious links or attachments.

Once clicked, it takes you to a spoofed website where you must enter your banking credentials. But once you do so, the website captures your information and drains your account.

Hackers can even tweak Robin Banks to steal Google, Microsoft, or other online account information. However, the most worrying aspect of the software is not what it can do but that it’s relatively affordable.

According to IronNet, “single pages, which include any future updates and 24/7 support, run for $50 per month. Full access, which provides access to all pages, costs $200/month.”

What you can do about phishing scams

Phishing attacks have severe consequences. But you can take steps to protect yourself. Here are a few security tips:

  • Never click on links you receive in unsolicited emails or text messages. They could be malicious and infect your device with malware.
  • Don’t open Word or Excel files attached to unsolicited emails. If you open one of these documents and it says that you need to enable macros, close the file and delete it immediately.
  • Keep your computer and mobile devices updated to the latest version. Operating system and application updates safeguard you against the latest threats, and it’s your first line of defense against malware.
  • Use two-factor authentication and password managers for better security. Tap or click here for details on 2FA.
  • Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Get an annual plan with TotalAV for only $19 at That’s over 85% off the regular price!

Keep reading

New report: Half of every phishing attempt worldwide impersonates this brand

This data-stealing phishing attack is a triple malware threat

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days