The National CERT informs all banking customers that a malicious phishing campaign is underway that misuses the name of Raiffeisen Bank, which operates in the market of the Republic of Serbia. This is a campaign that reaches users in the form of email messages with titles such as: "Important Notice: Your Account is Temporarily Blocked" and "Urgent Update Required: Act Immediately Regarding Your Account". The text of the malicious email states that there has been an alleged significant improvement in the bank's security system and that it is necessary for the user to update their data.

Based on previous experience, such phishing campaigns are distributed on behalf of several banks operating in the territory of the Republic of Serbia. The National CERT recommends that all users, if they receive such messages via email, be cautious and delete them immediately, and it is especially important to pay attention not to click on the link in the message or open the attachment. Also, banks usually send such notifications to clients with a digital signature, so it is possible to verify the identity of the sender even before opening the email.

Below you can see an example of the last of these phishing messages, while Raiffeisen Bank's announcement, with examples of spoofed domains and a detailed, visual, display of how to recognize them, can be seen at the following link.