Fraudulent Google and Bing banking-phishing campaign targeting American citizens
Campaign
Summary
Hide ▲
Show ▼
A phishing campaign using fraudulent Google and Bing ads targeted American citizens and harvested bank credentials for account takeover, causing direct financial harm. The operation mattered because stolen login details were stored on backend infrastructure and reused to compromise bank accounts.
Related Happenings
Kali365 Microsoft 365 device-code phishing campaign
Campaign
First: 25.05.2026 15:45
Last: 25.05.2026 15:45
Sources 1
About this happening:
A **Kali365** phishing campaign is targeting **Microsoft 365** environments worldwide with **device-code login lures**, putting accounts at risk of **token theft** and **MFA bypas...
Kali365 Microsoft 365 device-code phishing campaign
CampaignAbout this happening: A **Kali365** phishing campaign is targeting **Microsoft 365** environments worldwide with **device-code login lures**, putting accounts at risk of **token theft** and **MFA bypas...
AccountDumpling Google AppSheet Facebook phishing campaign
Campaign
First: 01.05.2026 21:09
Last: 01.05.2026 21:09
Sources 1
About this happening:
A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...
AccountDumpling Google AppSheet Facebook phishing campaign
CampaignAbout this happening: A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...
Scattered Spider 2022 SMS phishing campaign targeting technology companies
Campaign
First: 21.04.2026 17:53
Last: 21.04.2026 17:53
Sources 1
About this happening:
Tyler Robert Buchanan’s guilty plea newly confirms **Scattered Spider**’s **2022 SMS phishing campaign**, showing it reached **at least a dozen major technology companies** and en...
Scattered Spider 2022 SMS phishing campaign targeting technology companies
CampaignAbout this happening: Tyler Robert Buchanan’s guilty plea newly confirms **Scattered Spider**’s **2022 SMS phishing campaign**, showing it reached **at least a dozen major technology companies** and en...
Approval phishing crypto wallet fraud campaign
Campaign
First: 13.04.2026 11:00
Last: 13.04.2026 11:00
Sources 1
About this happening:
**Approval phishing** fraud networks were identified at scale, with **more than 20,000 victims** and at least **$33m** in additional stolen crypto tied to the operation. The fraud...
Approval phishing crypto wallet fraud campaign
CampaignAbout this happening: **Approval phishing** fraud networks were identified at scale, with **more than 20,000 victims** and at least **$33m** in additional stolen crypto tied to the operation. The fraud...
TikTok for Business phishing campaign using Turnstile and reverse proxy
Campaign
First: 26.03.2026 16:09
Last: 26.03.2026 16:09
Sources 1
About this happening:
A **phishing campaign** is targeting **TikTok for Business accounts** and uses **Cloudflare Turnstile** to block automated analysis before exposing a **reverse-proxy** credential-...
TikTok for Business phishing campaign using Turnstile and reverse proxy
CampaignAbout this happening: A **phishing campaign** is targeting **TikTok for Business accounts** and uses **Cloudflare Turnstile** to block automated analysis before exposing a **reverse-proxy** credential-...
Timeline
-
24.12.2025 15:17 2 articles · 5mo ago
U.S. government seizes web3adspanels.org and exposes stolen bank-credential infrastructure
Initial DisclosureThe U.S. government seized web3adspanels.org and the associated database used by cybercriminals to store stolen bank login credentials from phishing campaigns that reached American citizens through fraudulent ads on Google and Bing and redirected them to fake banking portals. The FBI said the scheme involved at least 19 victims in the United States, including two companies in the Northern District of Georgia, with attempted losses of about $28 million and actual losses of about $14.6 million; the seizure was carried out with assistance from Estonian law enforcement and other international partners.
Show sources
- FBI seizes domain storing bank credentials stolen from U.S. victims — www.bleepingcomputer.com — 24.12.2025 15:17
- FBI seizes domain storing bank credentials stolen from U.S. victims — www.bleepingcomputer.com — 24.12.2025 15:17