Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Targeted Financial Phishing Attack Identified and Mitigated by CYREN

CYREN GlobalView Security Lab First to Identify and Mitigate Danske Bank and Swedbank Phishing Attack

With the ability to analyze over 12 billion transactions per day on its real-time global infrastructure, CYREN was the first to recognize and stop a targeted phishing attack on customers of the Norwegian and Swedish financial institutions, Danske Bank and Swedbank. Upon identifying the scheme, CYREN immediately notified other industry security firms.

This particular attack included hundreds of new phishing URLs sent out to millions of email recipients within a few hours. By clicking the link, unsuspecting clients were sent to an official looking website that bore a strong resemblance to the actual bank login page.

Fake Danske Bank Website

danske bank website

Fake Swedbank Website

fake swedbank website

Real Danske Bank Website

real danske bank website

Sample links – some hosted on hacked legitimate sites – include:


In this most recent attack, cyber criminals are using well-honed marketing techniques to move from one target audience to the next by localizing the messaging – first for Danish and then Swedish banking customers.

You might also like

Protect Office 365 Email from Ransomware

Ransomware is continually evolving. It has become the “most prominent malware threat”, with experts estimating that ransomware attacks in 2021 resulted in total damage costs of $20 billion. While there is no ransomware that specifically targets Office 365 data, it can...