Another Fraud Threat to Protect Against: Fake Online Banking Login Pages

March 28, 2024
Jerry Brodnax
Jerry Brodnax

Sophisticated and often global criminal organizations are out to defraud your business, and their strategies are constantly evolving. One of the latest types of cyberattacks you need to be familiar with — and educate your employees about — is called “website/URL spoofing.” Cyber criminals are using this form of fraud to attack users of commercial online banking platforms.

Many banks invest millions of dollars in fraud prevention and detection tools that help successfully stop many attempted cyberattacks. However, technology has limits, so companies need to step up to defend against an increasingly common form of attack that combines not only spoofing but also elements of phishing and social engineering.




How the Criminals Attack

The fraudsters have purchased sponsored sites on internet search engines like Google that are designed to lure authorized users at a business to click on a link to a false commercial online banking login page and key in their credentials.

Using the captured credentials, the criminals can initiate electronic transactions from the targeted company’s accounts. The velocity of the money movement to the criminal’s accounts is very high and nearly unstoppable once the transaction is initiated.

A spoofed site can be an almost exact replica of a bank’s commercial online banking login page, and the fake URL may vary only slightly from the real URL.

After stealing the user credentials, the criminals create a window of opportunity to initiate fraudulent transactions by posting that the online banking site is temporarily down. They even go as far as calling users and posing as bank representatives offering to help. The fraudsters ask them and other users or administrators to input credentials, while the fraudsters are accessing the correct site with their user credentials captured during the spoofed session.


Thwarting Website/URL Spoofing

Fortunately, a website/URL spoofing attack can be easily thwarted if your system administrators and users always securely access online banking directly through your provider bank’s website.


Critical Security Advice for Treasury Manager Users

  • Never attempt to access the Hancock Whitney Treasury Manager commercial online banking platform through a search engine like Google or a saved bookmark.
  • Always access Treasury Manager by going to and selecting Treasury Manager from the drop down in the Account Login box.
  • Remember, Hancock Whitney will never contact you and ask you to input login credentials.

Have Questions?

Increasingly, business-to-business transactions settle quickly — even instantly — and in some cases are irrevocable. As a result, once a fraudulent B2B transfer has occurred, recovering the funds can be difficult. So, fraud prevention is critical.

If you have any questions about how to protect your business from website/URL spoofing or other forms of cyber fraud, or if at any time you think you may have been compromised or contacted by a cybercriminal, please immediately contact Treasury Services Client Support at 1-866-594-2304.

And for more information about cybersecurity controls and best practices, visit