An urgent call from the house bank: crooks would steal your money. However, the real danger comes from the caller. We have been trained by scammers.
Reading time: 16 mins
Save to Pocket
(Image: Albert Hulm)
How telephone fraudsters circumvent two-factor authorization Selection through phishing for clues Put account holders under pressure Fraudsters in training Meticulous preparation Conclusion Read the article in c’t 14/2023
Online banking fraud should actually be completely impossible today: After all, according to the EU directive PSD2 (Payment Service Directive 2), every transfer has required a 2-factor authorization since the beginning of 2021. TAN lists are just as obsolete as the SMS TAN procedure; very secure authentication procedures such as pushTAN or photoTAN have taken their place. Crack this authentication? Pretty hopeless.
Instead, the scammers have discovered humans as their weak point. Instead of attacking 2-factor authorizations, they use psychological tricks on the account holders – with success. The supposed customer friendliness of various banks plays into their hands. We researched current online banking scams, trained to be fraudsters, and watched as others tried to scam us.
The basis of online banking fraud is phishing to allow the perpetrators to look into your accounts. The criminals benefit from financial institutions that lower the security requirements to the legal minimum and only ask for the second factor every 90 days. This is often justified with customer friendliness or with the fact that one does not want to impose too high hurdles on customers to use the online offers.
More and more knowledge.
The digital subscription for IT and technology.
All exclusive tests, guides & background information
One subscription for all magazines: Read c’t, iX, MIT Technology Review, Mac & i, Make, c’t photography directly in your browser
No risk: first month free, then monthly from €9.95. Magazine subscribers read even cheaper! Start a FREE month Try it now for FREE & continue reading right away!
already subscribed to heise+?
Register and read Register now and read the article immediately Home How telephone scammers circumvent two-factor authorization Selection through phishing for clues Putting account holders under pressure Scammers in training Meticulous preparation Summary Read the article in c’t 14/2023
c’t Magazin – everything about the new issue: tests, practice, knowledge and much more, every 2nd Friday.
Detailed information on the transit procedure and your cancellation options can be found in our data protection declaration.