Phishing

What is phishing and how can I recognize it?

Phishing is nothing more than an attempt to obtain your personal data. This primarily includes login credentials for your email, bank account, Amazon or PayPal account, or your credit card details. Such messages can often be recognized by spelling mistakes, unusual sender addresses (for example an imprint located abroad), or other errors in the phishing message. In most cases, attackers exploit the time pressure that arises from panic in the victim (“Oh no, I need to quickly enter my data there so that my account is not lost.”).

Phishing attacks are so dangerous because they are usually hard to distinguish from legitimate messages. Attackers deliberately exploit the victim's fear or the time pressure created by a message like “Your account will be locked!”.

Examples:

  • Email (Sparkasse, Volksbank, PayPal or similar)

  • Phone phishing (calls from fraudsters pretending to be employees of PayPal or Microsoft)

  • Phishing via social media

  • SMS (smishing)

Most popular methods / currently trending:

  • “Hello Dad / Mom, this is my new number.”

  • “Your Volksbank TAN is invalid – please update it…”

  • “Unusual activity has been detected on your account – please check!”

  • “Your package could not be delivered. Please update the drop-off location.”

How does phishing work?

  1. The victim receives a message that appears legitimate at first glance: “Your account will be locked – action required!”

  2. The victim panics, clicks the link included in the fake message and is redirected to an external URL that is usually not immediately recognizable as fake (example: https://pay-pal-secure.no). In this case the message can be recognized by the unusual domain ending.

  3. When you click the link or enter login data on the fake website, the attacker gains access to the data you entered there.
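
The domain check from step 2 can be automated. The following Python sketch is an added example, not part of the original article: it compares a link's hostname with an allowlist of official domains and reports a lookalike when a brand name appears in a host that does not belong to that brand. The allowlist contents and the names `check_link` and `is_official` are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a small illustrative allowlist. A real deployment would maintain
# the official domains of every provider its users actually deal with.
OFFICIAL_DOMAINS = {
    "paypal": {"paypal.com"},
    "amazon": {"amazon.com", "amazon.de"},
}


def is_official(host, domains):
    """True if host is an official domain or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def check_link(url):
    """Classify a link as 'official', 'lookalike' or 'unknown'.

    Returns (verdict, brand); brand is None for 'unknown'.
    """
    # Links in messages are often written without a scheme; urlsplit only
    # recognises the host part when the string starts with "scheme://" or "//".
    if "://" not in url:
        url = "//" + url
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    # Official hosts are accepted first, for every brand on the allowlist.
    for brand, domains in OFFICIAL_DOMAINS.items():
        if is_official(host, domains):
            return ("official", brand)
    # Hyphens are removed before searching so "pay-pal" still matches "paypal".
    squashed = host.replace("-", "")
    for brand in OFFICIAL_DOMAINS:
        if brand in squashed:
            # The brand name appears, but the domain is not the brand's own.
            return ("lookalike", brand)
    return ("unknown", None)


# Constructed sample links; the first is the example URL from step 2.
SAMPLES = [
    "https://pay-pal-secure.no",
    "https://www.paypal.com/signin",
    "https://www.amazon.de/gp/css/homepage.html",
    "https://example.org/newsletter",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(check_link(link), link)
```

A "lookalike" verdict is a reason to inspect the message more closely, not proof of fraud: an unrelated legitimate site can contain a brand name in its domain, and "unknown" only means no brand on the allowlist matched.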

IMPORTANT: If you notice something like this, change your password immediately, check your device for malware and contact PayPal support. If possible, also file a criminal complaint immediately or report the incident to Netzmelden with legally usable screenshots (capture of the entire screen with the time visible, on a PC including the taskbar).

Steps to take:

  • First step – stay calm.

  • Second step – disconnect your device from the network. On a PC you can simply unplug the LAN cable or disconnect the power cable.

  • Third step – change access credentials. If possible, immediately change your password and your email address. Monitor your account or accounts closely over the following period.

  • Fourth step – contact the affected providers such as PayPal or Amazon support. They will usually advise you on the next steps to secure your account again.
