CyberHeist Phish Report


Overview
CyberHeist Phish is a highly targeted phishing campaign designed to mimic the full experience of corporate online banking. Aimed at Corporate, Commercial, and Treasury account holders, the campaign uses malicious Google Ads and thousands of phishing links to lure victims searching for their bank login pages. Once a victim clicks one of these links, they are redirected to a realistic-looking portal that replicates the exact steps of their banking platform, right down to OTPs, security questions, and device verification.
What sets this campaign apart is its real-time interaction and adaptive targeting. Attackers instantly relay login credentials to actual bank sites, making the phishing process appear legitimate. This immediate response increases the likelihood of victims believing they are interacting with a trusted platform.
To stay hidden, the phishing pages are only shown to select users based on their device, location, or internet provider, while others see clean, harmless content. This selective targeting helps avoid detection and increases the campaign's effectiveness. The operation reflects a sharp evolution in phishing tactics and highlights the urgent need for proactive digital defenses in the banking sector.
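
An added example, not part of the original report: one defensive way to surface the selective serving described above is to fetch the same URL from several client profiles and flag pages that show a credential form to some profiles but not to others. The URLs, profile fields, HTML bodies, and the find_cloaked helper are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: one URL fetched from several client profiles.
# Hostnames, profile values and HTML bodies are invented for this example.
LURE = "<form><input name='user'><input type='password' name='pw'></form>"
DECOY = "<h1>Gardening tips</h1>"
URL = "https://bank-login.example/portal"
OBSERVATIONS = [
    {"url": URL, "device": "desktop", "country": "US", "isp": "residential", "html": LURE},
    {"url": URL, "device": "mobile", "country": "US", "isp": "residential", "html": LURE},
    {"url": URL, "device": "desktop", "country": "US", "isp": "datacenter", "html": DECOY},
    {"url": URL, "device": "desktop", "country": "DE", "isp": "residential", "html": DECOY},
    {"url": "https://blog.example/", "device": "desktop", "country": "US", "isp": "residential", "html": DECOY},
    {"url": "https://blog.example/", "device": "desktop", "country": "DE", "isp": "datacenter", "html": DECOY},
]

PASSWORD_FIELD = re.compile(r"<input[^>]+type\s*=\s*['\"]?password", re.I)
DIMENSIONS = ("device", "country", "isp")


def asks_for_credentials(html):
    """True if the response contains a password input field."""
    return bool(PASSWORD_FIELD.search(html))


def find_cloaked(observations):
    """Return URLs that serve a login form to some profiles and clean content to others."""
    by_url = defaultdict(list)
    for obs in observations:
        by_url[obs["url"]].append(obs)
    findings = {}
    for url, rows in by_url.items():
        shown = [r for r in rows if asks_for_credentials(r["html"])]
        hidden = [r for r in rows if not asks_for_credentials(r["html"])]
        if not shown or not hidden:
            continue  # every profile saw the same kind of page: no cloaking signal
        # Profile values that only ever received the decoy hint at what the filter excludes.
        only_decoy = {}
        for dim in DIMENSIONS:
            values = {r[dim] for r in hidden} - {r[dim] for r in shown}
            if values:
                only_decoy[dim] = sorted(values)
        findings[url] = {"served_to": len(shown), "withheld_from": only_decoy}
    return findings


if __name__ == "__main__":
    print(find_cloaked(OBSERVATIONS))
```

A scanner that only ever fetches from one datacenter address would see the decoy alone, which is why the comparison needs profiles that differ in device, location, and provider.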