More and more banks are asking their customers to check their data. Apparently at least. In fact, behind it are phishing emails that scammers use to try to get hold of your confidential data. TECHBOOK explains which meshes they use and how you can protect yourself from them.
For several weeks, new fraud attempts have come to light that endanger customers of various banks. TECHBOOK explains why times seem good for criminals right now – and how you can recognize phishing and protect yourself.
“Suspicious” transfers at savings banks and Volksbanks
The phishing radar went off at the Schleswig-Holstein consumer advice center. It’s about the banks Sparkasse and Volksbanken. According to this, scammers are currently trying to get customer data by e-mail. Under the subject “System Alarm Code”, reference is made to an allegedly “suspicious” transfer that has since been canceled. A necessary account verification must now be carried out using the attached link. But this link actually leads to a wrong website, according to the association. All data entered here are sent directly to the scammers, who can then misuse them for their own purposes.
Also interesting: Postbank customers must agree to new terms and conditions, otherwise the account is gone
Phishing emails disguised as “Important Changes”.
The last attack on Sparkasse customers was not long ago. Your banks are currently facing many changes that customers need to find out about. The situation is exploited by fraudsters for phishing.
It was not until March that e-mails were circulating, apparently in the name of the Sparkasse, in which bank customers were to be informed about a data check required by law. They had subject lines à la “Important change”, “We are changing!”, “Your Sparkasse informed” or “Notice from your Sparkasse”. In order to carry out the alleged verification quickly and to avoid restrictions on banking, the recipients are supposed to fill out a form. However, the attached link does not lead the Sparkasse customers to their bank’s website, but to a fake page and an incorrect form.
Also read: If you get a new Sparkasse EC card, you lose two payment options!
DKB customers also in the focus of fraudsters
The DKB is also one of the banks where customers should beware of phishing. Because here, too, emails were recently in circulation that fraudsters send in the name of the DKB and with which they want to access data. According to the consumer advice center, the most recent phishing attempt has the subject line “confirmation of telephone number”. In order to be able to continue using all online services, bank customers should confirm their stored telephone number. Otherwise there is a risk of the account being blocked. The phone number is used for verification in online banking. It should therefore not fall into the wrong hands. The same applies to all personal data that the fraudsters try to access via the query.
Also read: What is Klarna’s new banking app good for?
Recognize phishing emails from alleged banks
At first glance, the banks’ phishing e-mails make a serious impression. They are kept in the respective typical colors and also display the correct logos. There are no major spelling mistakes. However, a closer look reveals deficiencies, such as missing commas or the lowercase Berlin in the DKB.
In principle, it is advisable not to click directly on links in e-mails. Instead, go directly to your bank’s website. If there is a problem with your account or if the bank needs certain data, they will either inform you here after logging in or send you a letter.
The DKB has also introduced a safety certificate. If customers have deposited their postal code with the bank, the DKB displays two of the five digits in all e-mails to verify themselves. With the zip code 10961 for Berlin, it could look like this: “Your zip code is *0*6*”.
If you do fall for a phishing email, Sparkasse recommends the following steps:
- Change the access data for your banking transactions on the Internet immediately.
- Tell your bank immediately. It can prevent further damage.
- Do not delete the e-mail, it serves as evidence in an emergency.
- If you still have the malicious email, send it to firstname.lastname@example.org or email@example.com.
- File a criminal complaint.