Phishing attacks on behalf of savings banks and banks

Phishing attacks on behalf of savings banks and banks

The savings bank “urgently” warns of new phishing mails in which the bank allegedly provides information about the “S-ID check”. With this scam, criminals want savings bank customers to activate the “new security function” for their credit cards. To do this, customers are asked to click on a link in the email that leads to a phishing site. Anyone who has already entered data should contact their Sparkasse. This emerges from a message from the computer emergency team of the Sparkassen-Finanzgruppe – S-CERT.

Advertisement

S-ID check not new

In fact, the Sparkasse has been offering the S-ID check, also known as “3-D Secure”, for customer authentication since 2016. For example, Mastercard calls it “Mastercard Identity Check”, Visa calls it “Visa Secure” and American Express calls it “SafeKey”. When paying, for example, customers have to enter a TAN, which customers receive via an app.

However, banks would not ask their customers to disclose data via a link. The Sparkasse therefore advises moving the attempted fraud directly to the spam folder.

Image 1 of 4

S-ID check at Sparkasse not new

(Image: Savings Bank)

More phishing scams

Just recently, the NRW consumer advice center drew attention to another scam in its phishing radar, which is also aimed at savings bank customers – again under the pretext of introducing a new security procedure (Sparkassen Secure+ or DigiSaveSecure+). In addition, the addressees are lured with an “exclusive cashback”.

Advertisement

Another phishing method concerns the ING direct bank. There customers should log in to their account with a link and follow step-by-step instructions. Allegedly, the phone number associated with the account needs to be updated.

According to the consumer advice center in North Rhine-Westphalia, customers of Deutsche Bank want to trick criminals by reactivating the PhotoTAN process. “Log in with your bank details. Confirm your required fields to re-enable security,” the email reads.

Phishing as a permanent problem

Fraudsters keep trying to get sensitive customer data through phishing. Some e-mails look deceptively real. The Federal Situation Report Cybercrime 2022 also shows that encryption Trojans often get onto the victims’ systems via phishing sites. Therefore, when in doubt, it is worth calling the person from whom the mail (allegedly) came.

(mack)

Home
#Phishing #attacks #behalf #savings #banks #banks