Bitpanda impersonation phishing campaign using fake MFA flow
Campaign
Summary
Hide ▲
Show ▼
A phishing campaign impersonating Bitpanda is stealing credentials and personal data from cryptocurrency brokerage users, raising account-takeover risk. The operation uses a near-perfect fake login flow, including staged MFA screens and a fraudulent site created days before analysis. Victims are prompted to submit names, phone numbers, addresses, and dates of birth, expanding the attack beyond simple password theft. The collected data could support password resets, fraudulent support requests, and access to other accounts that rely on personal verification.
Related Happenings
Meta For Business Facebook Messenger fake-verification phishing campaign
Campaign
H score29
First: 07.07.2026 10:00
Last: 07.07.2026 10:00
Sources 1
About this happening:
A **phishing campaign** abused **Facebook Messenger chatbots** and fake verification lures to steal **Meta For Business** credentials and sensitive identity data, creating account...
Meta For Business Facebook Messenger fake-verification phishing campaign
CampaignAbout this happening: A **phishing campaign** abused **Facebook Messenger chatbots** and fake verification lures to steal **Meta For Business** credentials and sensitive identity data, creating account...
FortiBleed Fortinet credential-theft campaign
Campaign
H score89
First: 19.06.2026 13:48
Last: 19.06.2026 13:48
Sources 1
About this happening:
The **FortiBleed** Happening is a global **Fortinet credential-theft** campaign affecting **FortiGate firewall** and **SSL VPN** customers. The **UK’s NCSC** issued guidance after...
FortiBleed Fortinet credential-theft campaign
CampaignAbout this happening: The **FortiBleed** Happening is a global **Fortinet credential-theft** campaign affecting **FortiGate firewall** and **SSL VPN** customers. The **UK’s NCSC** issued guidance after...
Latest development: 22.06.2026 11:30
The UK’s National Cyber Security Centre issued guidance for Fortinet customers impacted by FortiBleed after the campaign exposed around 75,000 credentials from FortiGate firewall and SSL VPN customers. The NCSC urged affected organizations to use Hudson Rock’s or SOCRadar’s FortiBleed checker tools and then review indicators of compromise such as unauthorized account creation and unexpected activity in log files.
Instagram accounts for Obama White House hit by account takeover attack
Incident
H score40
First: 01.06.2026 20:32
Last: 01.06.2026 20:32
Sources 1
About this happening:
The **Instagram** accounts for the **Obama White House** and the **Chief Master Sergeant of the U.S. Space Force** were briefly **defaced** after attackers abused **Meta’s AI supp...
Instagram accounts for Obama White House hit by account takeover attack
IncidentAbout this happening: The **Instagram** accounts for the **Obama White House** and the **Chief Master Sergeant of the U.S. Space Force** were briefly **defaced** after attackers abused **Meta’s AI supp...
Infostealer malware operation targeting online store users
Malware Activity
H score32
First: 21.05.2026 00:36
Last: 21.05.2026 00:36
Sources 1
About this happening:
A **malware operation** using **infostealer** tools infected users’ devices between **2024 and 2025**, stealing browser sessions and account credentials that enabled account theft...
Infostealer malware operation targeting online store users
Malware ActivityAbout this happening: A **malware operation** using **infostealer** tools infected users’ devices between **2024 and 2025**, stealing browser sessions and account credentials that enabled account theft...
BlackFile vishing extortion campaign targeting retail and hospitality organizations
Campaign
H score37
First: 24.04.2026 21:26
Last: 24.04.2026 21:26
Sources 1
About this happening:
The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
BlackFile vishing extortion campaign targeting retail and hospitality organizations
CampaignAbout this happening: The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
Timeline
-
24.02.2026 18:05 2 articles · 4mo ago
Bitpanda impersonation phishing campaign is disclosed
Initial DisclosureCybersecurity researchers disclosed a phishing campaign impersonating cryptocurrency brokerage Bitpanda that used a near-perfect fake login page and a staged MFA flow to collect credentials and personal data. The lure began with a branded email, sent victims to a deceptive domain created days before analysis, and then redirected users back to the legitimate Bitpanda login page after harvesting names, telephone numbers, residential addresses, and dates of birth.
Show sources
- Multifaceted Phishing Scheme Deceives Bitpanda Customers — www.infosecurity-magazine.com — 24.02.2026 18:05
- Multifaceted Phishing Scheme Deceives Bitpanda Customers — www.infosecurity-magazine.com — 24.02.2026 18:05