Category: Blog

Emerging Smishing Campaigns Targeting Caribbean Banks: What You Need to Know

In recent weeks, Hitachi Cyber’s Cyber Threat Intelligence team has identified and alerted on an emerging smishing campaign actively targeting some of our customers in the Caribbean. While the scope of the activity remains limited for now, the attackers are following a clear and repeatable pattern—suggesting the potential for broader exploitation. 

The Attack Pattern

This campaign typically follows the same sequence: 

  • Registration of a spoofed domain resembling a legitimate bank, most often in the format: bankname.today 
  • Deployment of a virtual private server (VPS) used to host malicious content 
    • Use of one of two techniques: 
      • HTTP 302 redirection to another VPS containing the phishing site 
      • Direct website cloning of the bank’s official interface 

These fake sites are then promoted via SMS messages that appear to come from the targeted bank, prompting users to click and enter sensitive information such as login credentials or account numbers. 

Recommendations for Financial Institutions

To help mitigate the risk and protect customers, Hitachi Cyber recommends the following proactive steps: 

  1. Register domains like bankname.today to block potential abuse. 
  2. Monitor domain registrations that mimic your institution’s name or branding. 
  3. Inform customers that your bank will never request action via SMS links, unless confirmed through official communications. 
  4. Make clear that bankname.today is not part of your organization, and should not be trusted. 
  5. Encourage safe practices, such as manually typing the bank’s official URL into a browser or contacting customer service directly when in doubt. 

How Hitachi Cyber Supports the Financial Sector

Hitachi Cyber partners with financial institutions across the Caribbean and globally to detect and respond to emerging threats. Our Cyber Threat Intelligence and 24/7 Managed Security Services teams monitor infrastructure for malicious activity and provide timely alerts and mitigation support.

If your organization would benefit from enhanced visibility, domain monitoring, or real-time threat detection, contact us to speak with our cybersecurity experts. 

Share This Post

  • Blog

    - July 11, 2025

    Evolving Threats, Accelerating Risks: Navigating the Shifting Cybersecurity Landscape

  • Blog

    - June 25, 2025

    Understanding the Surge of Distributed Denial-of-Service Attacks

  • Working Data Center Full of Rack Servers and Supercomputers, Mod

    Blog, News

    - June 25, 2025

    Safeguarding the Digital Core: How Hitachi Cyber Protects Data Centres in an Evolving Threat Landscape

Do You Want To Schedule A Discovery Call?