**Banking Impersonation Campaign Targeting Santander and Bank of America Customers**
This scam campaign involves fraudulent communications impersonating major financial institutions, with SANTANDER BANK, NATIONAL ASSOCIATION and BANK OF AMERICA, NATIONAL ASSOCIATION being the primary targets for impersonation. The campaign has generated significant consumer impact, with 4,275 CFPB complaints associated with Santander and 174,437 complaints connected to Bank of America. The fraudsters also utilize secondary company impersonations including The Money Company (2 complaints) and ACCOUNT SERVICES INC. (8 complaints) to create additional vectors for financial fraud.
The technical infrastructure of this campaign centers around a network of compromised and malicious domains with high confidence connections. The domain 220-134-143-176.hinet-ip.hinet.net serves as a central hub, showing perfect confidence correlations (1.00) with four other domains: web.dsps.ptc.edu.tw, 218-161-76-45.hinet-ip.hinet.net, digestivomurcia.com, and asserr.es. Both HiNet IP addresses were registered through Net-Chinese Co., Ltd. in 1994, while digestivomurcia.com was registered on October 22, 2008, through CSL Computer Service Langenbach GmbH d/b/a joker.com. Community reports specifically identify asserr.es as hosting active Santander phishing pages, with URLs designed to steal banking credentials through paths like "/components/com_weblinks/views/form/tmpl/05enx.php".
Consumer reports indicate the campaign extends beyond simple phishing to include elaborate investment and timeshare scams, with one victim reporting sending over $100,000 to Mexico for a vacation timeshare transaction that failed to materialize. The sophisticated nature of these operations suggests organized criminal networks using the banking impersonation as a trust-building mechanism before executing larger financial frauds.
**Consumer Protection Guidance**
To protect yourself from this campaign, verify any banking communications by contacting your financial institution directly using official phone numbers from your statements or cards, never from emails or suspicious websites. If contacted through suspicious emails, texts, or calls claiming to be from Santander, Bank of America, or related financial services, hang up immediately and do not click any links or provide personal information. Before visiting any banking website, verify the domain is legitimate by checking the official institution's website directly through your browser. Report suspected fraud immediately to the FTC at reportfraud.ftc.gov or to the FCC for phone-related scams. You can verify if a phone number or domain is associated with scams by searching consumer protection databases and checking recent community reports before engaging with any communications.
This campaign represents a high-threat level due to its sophisticated infrastructure, significant consumer impact with over 178,000 combined complaints, and documented active phishing operations. Immediate next steps include avoiding interaction with the identified domains, reporting any suspicious communications to authorities, and implementing enhanced verification procedures for all financial communications.