Mexico's National Commission for the Protection and Defense of Users of Financial Services issued a public warning about possible identity impersonation affecting Banco Inmobiliario Mexicano, S.A., Institución de Banca Múltiple. The alert describes a fraud in which unknown parties misuse the bank's name, image and official data through its online banking channel, eBIM or Banca Electrónica, to obtain customer credentials and then gain access to accounts and customer funds. According to the notice, the scheme captures data including the username, password and supertoken. After obtaining those details, the fraudsters simulate a system error, call the victim and persuade them to reset their password so they can take control of the victim's mobile banking. CONDUSEF advised users to type the institution's official web address directly into their browser, verify official institution details through the SIPRES portal, immediately close any page flagged as suspicious or phishing, avoid sharing sensitive information through links, search engine ads, social networks or messaging applications, and contact the bank at once to apply a preventive block if suspicious activity is detected. The notice also states that BIM will not ask customers by phone or through links for passwords, security codes or token synchronization. Users with doubts are advised to contact BIM through its official channels or seek guidance from CONDUSEF.
CONDUSEF2026-07-03
Mexico's National Commission for the Protection and Defense of Users of Financial Services warns of possible Banco Inmobiliario Mexicano impersonation to steal online banking credentials
Mexico's National Commission for the Protection and Defense of Users of Financial Services warned of a possible impersonation scheme targeting Banco Inmobiliario Mexicano customers through the bank's eBIM online banking channel. The fraud uses fake access flows to capture credentials and then phone calls about supposed system errors to induce password resets and seize control of mobile banking. Users were told to verify official details through SIPRES, avoid sharing sensitive data and contact the bank immediately if suspicious activity appears.