On Monday, the U.S. Justice Department (DoJ) announced the seizure of a web domain and database that it said criminals used to advance a scheme designed to target and defraud Americans through bank account takeover fraud.
Specifically, the domain web3adspanels[.]org functioned as a backend web panel that hosted and managed illegally harvested bank login credentials. Visitors to the website now see a seizure banner stating that authorities dismantled the domain as part of an international law enforcement operation led by officials from the U.S. and Estonia.
“The criminal group perpetrating the bank account takeover fraud delivered fraudulent advertisements through search engines, including Google and Bing,” the DoJ said. “These fraudulent advertisements imitate the sponsored search engine advertisements used by legitimate banking entities.”
Redirects to Fake Banking Websites
Through these ads, the attackers redirected unsuspecting users to fake bank websites under their control. On those sites, the threat actors captured login credentials that victims entered, using an unspecified malicious software program embedded into the pages. The criminals then used the stolen credentials to access legitimate banking websites, take control of victims’ accounts, and drain their funds.
So far, investigators estimate that the scheme has affected 19 victims across the U.S., including two companies located in the Northern District of Georgia. As a result, the fraud attempts caused approximately $28 million in attempted losses and roughly $14.6 million in confirmed losses.
Additionally, the DoJ said the confiscated domain stored stolen login credentials belonging to thousands of victims. The same infrastructure also hosted a backend server that supported account takeover fraud activity as recently as last month.
Rising Bank Account Takeover Complaints Nationwide
Meanwhile, according to information shared by the U.S. Federal Bureau of Investigation (FBI), the Internet Crime Complaint Center (IC3) has received more than 5,100 complaints related to bank account takeover fraud since January 2025. Collectively, those incidents account for reported losses exceeding $262 million.
In response, authorities advise users to exercise caution when sharing personal information online or on social media, regularly monitor financial accounts for irregular activity, and use unique, complex passwords. In addition, users should verify banking website URLs before signing in and remain vigilant against phishing attempts, suspicious messages, or unsolicited callers.
Source: TheHackerNews
Read more at Impreza News
