The National CERT informs all banking customers that a malicious phishing campaign is underway that misuses the name of Raiffeisen Bank, which operates in the market of the Republic of Serbia. This is a campaign that reaches users in the form of email messages with titles such as: "Urgent action is needed for the security of your credit card!" or "You must verify your identity!". The text of the malicious email states that there has been an alleged error in the functioning of the user's account and that it is necessary for the user to update their data, or that unusual use of the payment card has allegedly been noticed and that it has been misused, followed by instructions on what to do to prevent further misuse of the payment card. The message also contains a 12-hour deadline for updating personal data, in order for the user to prevent the alleged blocking of access to the bank account.

Based on past experience, such phishing campaigns are usually distributed on behalf of several different banks operating in the Republic of Serbia, which is why the National CERT recommends that all users, if they receive such e-mails, be cautious and delete them immediately, and especially pay attention not to click on the link in the message or open the attachment. Also, banks usually send such notifications to clients with a digital signature, so it is possible to verify the identity of the sender even before opening the e-mail.

Below, you can find an example of one of such phishing messages, while the publication of Raiffeisen Bank, with examples of spoofed domains, can be seen at the following link.