Banco Santander phishing domains

Newly registered lookalikes - tracked daily

Banco Santander phishing domains

Newly registered lookalikes - tracked daily

Tracked (7d)

New (24h)

vs avg

—

Website: bancosantander.es
About: AIRetail banking phishing concentrated in Spain, UK, Latin America. Mimics the personal banking login and OTP confirmation flow.
TLDs: .com (6) · .online (3) · .top (1)
Hosts: Cloudflare, Inc. (6) · Wix.com Ltd. (1) · PrivateSystems Networks (1)
Countries: United States (8) · Germany (1) · Canada (1)

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

Last check (UTC)	First seen (UTC) ▾	URL	Details
2026-06-27 01:51	2026-06-27 01:51	https://totta.online	Details
2026-06-27 01:49	2026-06-27 01:49	https://santanderempresa.top	Details
2026-06-26 02:32	2026-06-26 02:32	https://santander.casino	Details
2026-06-25 02:28	2026-06-25 02:28	https://santanderwooddesigns.com	Details
2026-06-25 02:28	2026-06-25 02:28	https://santanderfashionweek.com	Details
2026-06-25 00:56	2026-06-25 00:56	https://beyondwealh-santander.com	Details
2026-06-24 01:52	2026-06-24 01:52	https://santandersoluciones.com	Details
2026-06-24 01:52	2026-06-24 01:52	https://santander-casino.com	Details
2026-06-23 02:14	2026-06-23 02:14	https://santandervalleycol.com	Details
2026-06-20 02:45	2026-06-20 02:45	https://santandersupport.net	Details
2026-06-20 02:45	2026-06-20 02:45	https://santandercapital.online	Details
2026-06-20 02:44	2026-06-20 02:44	https://santander-empresas.info	Details
2026-06-20 01:05	2026-06-20 01:05	https://enlace-santandermx.online	Details

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

URL	Screenshot	Details
https://totta.online		Details
https://santanderempresa.top		Details
https://santander.casino		Details
https://santanderwooddesigns.…		Details
https://santanderfashionweek.…		Details
https://beyondwealh-santander…		Details
https://santandersoluciones.c…		Details
https://santander-casino.com		Details
https://santandervalleycol.com		Details
https://santandersupport.net		Details
https://santandercapital.onli…		Details
https://santander-empresas.in…		Details
https://enlace-santandermx.on…		Details

AIHow to verify a real Banco Santander URL

Legitimate Banco Santander URLs always end in bancosantander.es (e.g. www.bancosantander.es, account.bancosantander.es). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not Banco Santander.
The domains listed above were registered within the last 7 days. New-domain age is itself a signal — Banco Santander has owned bancosantander.es for years; brand-new look-alikes are almost never legitimate.
If you got the link from email, SMS, or social media, do not click it. Open bancosantander.es from your browser bookmark or type the domain manually.
Real Banco Santander pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.