DNSC warns about the 'Spiderman' attack, which clones banking websites to steal sensitive data. Users are advised to check official domains.

The National Cyber Security Directorate (DNSC) has issued a warning about a new phishing attack called 'Spiderman', which allows the cloning of official websites of banks and European financial platforms. This sophisticated kit enables hackers to collect passwords, authentication codes, and card data.

The modular structure of the kit allows for the rapid addition of new targets, including major banks such as Deutsche Bank and ING, as well as fintech platforms like PayPal. Attackers can intercept victims' sessions and PhotoTAN codes in real time, which can lead to identity theft and financial fraud. DNSC recommends that users verify official domains before entering sensitive data and report any suspicious activity. Experts emphasize the importance of confirming that users are on legitimate sites to avoid phishing traps.