Security News > 2022 > February > New phishing campaign targets Monzo online-banking customers
Users of Monzo, one of the UK's most popular digital-only banking platforms, are being targeted by phishing messages supported by a growing network of malicious websites.
Monzo is a 100% online banking platform with over four million customers and among the first to challenge the traditional financial managing system.
According to a report by security researcher William Thomas, there's an ongoing phishing campaign targeting users of Monzo and attempting to steal their accounts.
In a new report, Thomas explains that the phishing process begins with the arrival of an SMS text showing Monzo as the sender's name, asking the recipient to tap the provided link to reactivate their session or verify their account.
The users are taken to a phishing site that displays a fake email login form and then requests information about their Monzo account, including full name, phone number, and the Monzo PIN. If these details are provided, the threat actors now have everything needed to begin taking over victims' Monzo accounts.
If you've tapped on these links and provided any login details to the actors, reset your account passwords immediately and activate MFA on both your email and Monzo accounts.