“Just be careful” is easy to say. However, it is more than questionable whether, in the heat of the moment and in the face of a full inbox, one always finds the time to look at every single e-mail carefully. No wonder, then, that the phishing scam still works extremely well today and continues to claim countless victims every day. In principle, however, there are only two alternative approaches: On the one hand, most online service providers now offer so-called two-factor authentication (more on this below) and on the other hand, the risk is significantly lower if you know in advance which e-mails you are accessing should pay attention. And that's exactly what you'll find out here.
Phishing emails since May 16th
The consumer advice center NRW continuously lists the latest phishing emails as part of its phishing radar. Of course, the list is not exhaustive; other emails are also in circulation. However, it shows which e-mails users should definitely keep an eye out for at the moment.
This week, these include the following companies:
AppleINGSparkasseAdvanzia BankDKBVolks- und Raiffeisenbanken
Details of the current phishing situation
Banks and PayPal are usually the main targets of cybercriminals. But this time Apple users were not spared either. According to a phishing email that is currently circulating, the recipient's Apple ID service will be temporarily suspended. This is justified by the fact that there was an unsuccessful attempt to log in with the user's Apple ID. The potential victims are asked to "do a review" – after which the block is lifted again.
Basically, the phishing email doesn't look particularly threatening because it was obviously not written by a native speaker. Apparently, the recipients are addressed by name. Consequently, caution is advised.
In addition to Apple, numerous banks are currently under fire. First of all, ING. The user account is said to have been temporarily blocked here because personal data was not confirmed. As always, registration data should not be entered via an unknown link in an e-mail. In addition, there is no direct customer contact – and that is always the first and probably also the most important indication that the e-mail is a phishing e-mail. Although the bad grammar also speaks volumes.
The cybercriminals responsible for the latest Sparkasse scam didn't put too much effort into it. Visually, the current phishing mail is, as always, one of the best, but the content is anything but convincing. So you have simply received an important message that needs to be answered. Direct customer contact? none.
Here the account should be blocked due to an alleged misuse of the card data for security reasons. Therefore you have to click on “the following link”. More explanations? none. In addition, the e-mail looks as if you hadn't even bothered to use Google Translate. Because its algorithms are now at a significantly higher level and would not commit most of the errors contained in the phishing mail.
At the DKB, the cybercriminals justify the restriction of the payment card with the fact that irregular activities were detected. Recipients are prompted to verify their data – in a comparatively credible way. If you are unsure whether the email is actually a message from the bank, it is advisable to contact DKB employees. However, under no circumstances may contact details from the e-mails be used for this purpose.
Volksbanks and Raiffeisenbanks
The alleged mail from the Volks- und Raiffeisenbanken also lacks direct customer contact. In terms of content, the reintroduction of an additional authentication level is discussed. This should be the PSD2 fingerprint. Caution is advised this time, even without direct customer contact, because the phishing email can only be distinguished from a real email to a limited extent, both visually and in terms of content.
Phishing 2022 – Previous Cases
The list of phishing attempts in Germany is getting longer and longer. It is clear that it mainly affects large companies. You have many customers and therefore many potential victims of phishing. This list shows which companies have already been used by phishing scammers to steal your data or money in 2022:
1&1Advanzia BankAmazonBaFin (Federal Financial Supervisory Authority)BarclaysBitcoin blackmailCommerzbankDeutsche BankDeutsche Kreditbank (DKB)DHLDKBIonosINGLandesbank Berlin (LBB)PayPalPostbankSMS (Voicemail)SparkasseTelekomVolks- und RaiffeisenbankenWEB.DEWhatsAppCustoms office
What is phishing actually?
When one thinks of cybercriminals, Hollywood images of strangers in hoodies sitting in a basement in front of five screens gazing at the Pentagon automatically spring to mind. However, the truth is often very different. Because you don't need five screens or a great deal of knowledge about security software to get hold of Internet users' money. Even a hoodie is not absolutely necessary for this. Many users voluntarily reveal their access data when asked to do so.
All that is required is an e-mail in the Amazon look, for example, which informs recipients about unusual account activity or a change in the terms and conditions. The victim is then prompted to perform authorization by clicking a link and logging into their account. Only the link does not lead to the Amazon website, but to a copy. The login data entered here end up directly with the cyber criminals. There is now a veritable industry behind phishing.
Other scams & protection mechanisms:
eBay Classifieds and Co.: You are being ripped off with these scamsWhatsApp rip-off: These are the insidious scams of fraudstersprivacy by gluing the webcam? This is a more elegant way to solve the problem
This is how you protect yourself
Once the scammers have captured your user data, they can use it for identity theft, for example. If the login details belong to a service linked to the bank account, your wallet could suffer as well. That's why you should pay attention to e-mails in general and to messages from the providers mentioned above in particular. Does the email have spelling mistakes? What about direct customer contact? Is the sender or the sender's email address in the header of the email actually PayPal? Does the linked website belong to the online payment service or is the URL rather cryptic? All of these questions can unmask a phishing email.
Another good self-protection measure is two-factor authentication (2FA). This is double login protection, in which a second login barrier is set up in addition to the login data – for example in the form of a code that refers to a previously stored one phone number will be provided. As a rule, cybercriminals cannot get hold of this so easily. Although this protective line is not insurmountable either. You can find more information on this topic in our phishing guide.
Read on now
Darknet & Deep Web: The Dark Secrets of the World Wide Web
About our links
We mark partner links with these symbols.
If you click on such a link or button or make a purchase via it, we will receive a small
Remuneration from the respective website operator. This has no effect on the price of a purchase.
But you help us to continue offering inside digital free of charge. Thanks very much!