Sparkasse clients are targeted by a new phishing campaign created in German on a hacked music website. With a page resembling that of an authentic banking institution, cyber-criminals are able to steal Germans’ pins and IDs and empty their accounts. The banking details are also used for identity theft and further fraudulent schemes.
The phishing attack starts with an e-mail, allegedly from Sparkasse Customer Service. As in most phishing attacks, cyber-criminals create a sense of urgency by tricking Germans their banking account will soon expire, so they have to enter their data fast to make sure the account will be back on track.
“Please note that your online access to your account will soon expire,” the spam e-mail reads. “To continue this service without interruption, please click on the icon below to manually update your account. After completing the instructions to update the account, your online access to your account will be automatically restored and no further action will be required of you.”
Interestingly, phishers have breached a poorly crafted music website registered in the US and dumped the malicious web page in a folder. This is what makes the redirecting URL look like “http://music [link removed]/sparkasse.”
“Sparkasse” phishing attacks have been circulating for over five years. The German bank reminds clients to ignore e-mails from unknown sources and never give out their PIN and TAN.
“Even if you are prompted by seemingly reputable institutions, [don’t do this],” Sparkasse representatives said. “Sparkasse will not personally ask your data by e-mail or phone, nor ask for your online banking details or to open websites in an e-mail to enter account information there.”
Last month, Germans have also been infected with the Gamarue Trojan after clicking on a fake Deutsche Bahn ticket reservation. The same malware stole their personal details with a bogus FedEx shipment notification. Another recent phishing attack targeted HypoVereinsbank clients.
Bitdefender also offers some tips and tricks for users exposed to such phishing attacks:
tags
Bianca Stanescu, the fiercest warrior princess in the Bitdefender news palace, is a down-to-earth journalist, who's always on to a cybertrendy story.
View all postsNovember 14, 2024
September 06, 2024