CaixaBank phishing domains

Newly registered lookalikes - tracked daily

CaixaBank phishing domains

Newly registered lookalikes - tracked daily

Tracked (7d)

New (24h)

vs avg

—

Website: caixabank.es
About: AISpanish retail banking phishing - credential and OTP harvest, frequently SMS-launched.
TLDs: .xyz (1) · .com (1)
Hosts: Cloudflare, Inc. (1)
Countries: United States (1)

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

Last check (UTC)	First seen (UTC) ▾	URL	Screenshot	Flags	Details
2026-05-24 00:32	2026-05-24 00:32	https://caixabanknowes.xyz			Details
2026-05-20 00:46	2026-05-20 00:46	https://caixabank-gestion-usuarioweb.com			Details

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

URL	Screenshot	Details
https://caixabanknowes.xyz		Details
https://caixabank-gestion-usu…		Details

AIHow to verify a real CaixaBank URL

Legitimate CaixaBank URLs always end in caixabank.es (e.g. www.caixabank.es, account.caixabank.es). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not CaixaBank.
The domains listed above were registered within the last 7 days. New-domain age is itself a signal — CaixaBank has owned caixabank.es for years; brand-new look-alikes are almost never legitimate.
If you got the link from email, SMS, or social media, do not click it. Open caixabank.es from your browser bookmark or type the domain manually.
Real CaixaBank pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.