Menü Close
Contact
Phishing Report

Phishing Mail Report February 2024

Here you can find out which cases of phishing were reported particularly frequently in February 2024.
We want to draw your attention to current fake emails and give you tips on how to recognize phishing.

This month, users in particular received phishing emails from the following (alleged) senders:

  • EPOS
  • FedEx
  • Free University of Berlin
Make an appointment now

EPOS: Update the account, otherwise there is a risk of deactivation

The most frequently reported phishing mailing (66.72 thousand messages, 24% of registered fraudulent mails) is currently circulating under the company name EPOS.
The plain text message is written in Japanese.
If you translate the text, you quickly recognize a typical bank phishing:

Your account will be deactivated if you do not “update” it as soon as possible via the link in the email.
If you click on the link, you will be redirected to a domain ending in “.xyz”, which is no longer accessible.

FedEx: Schedule delivery because package is being delivered

The second largest phishing mail comprises 30.85 thousand messages.
This corresponds to 11.10% of all fraudulent emails this month.
The supposed sender is the shipping and logistics company FedEx.

The dubious content: A parcel is supposedly being delivered for you.
You are asked to use a link to schedule the exact delivery.
The link leads to a website with the same structure as the mailing and asks you to take further action.
Please do not follow the instructions and send the mail directly to your spam folder!

Freie Universität Berlin – Request for e-mail access data

The third most common phishing mail is circulating under the guise of the Free University of Berlin.
Here, 30.68 thousand messages were registered.
messages were registered, which corresponds to a share of 11%.
The email is particularly dangerous as it looks very authentic and asks for your email access data.

You supposedly have 24 hours to prevent your email account from being deactivated.
As you can see from the picture, the design looks legitimate: the website in the background is the original FU Berlin homepage and the login window also looks genuine.
As a student at the FU Berlin, you could very easily fall for the fishing attempt.

How you can recognize the fraud: The suggested domain in the login field (“@uni-berlin.de”) is not the correct domain for FU Berlin accounts.
If you also change the domain to “@uni-rostock.de”, for example, the website in the background and the logo in the login field will also change to the University of Rostock version.
The same applies to all possible changes to the domain – in any case, a corresponding index page appears in the background, but it cannot be clicked on.
A sophisticated and all the more dangerous phishing attack, as the use of real websites quickly creates an impression of legitimacy.

How to reliably recognize phishing

Phishing can occur in a number of ways, but here are some common signs to look out for:

  • Unknown sender
  • Urgency of the request (e.g. “Update your data within 24 hours”)
  • Incorrect grammar and spelling
  • Incorrect URLs (often also similar looking URLs, but subtly different, e.g. “paypa1.com” instead of “paypal.com”)
  • Attachments and links
  • Inappropriate questions about personal information
  • Lack of personal context (missing personal details that a legitimate company would normally have, e.g. your name in the salutation)

Our recommendation: If you have even the slightest doubt as to whether a message is genuine, you should contact the company or organization directly instead of responding to the suspicious message.

eXpurgate: Protect yourself effectively against phishing

You can often recognize phishing emails by the features mentioned above.
However, we recommend a professional solution, especially for companies, because the immense volume of dangerous emails cannot be dealt with by the employees themselves.
There is simply not enough time in the working day to check every email themselves.
In addition, the methods used by cyber criminals are becoming increasingly sophisticated.
Phishing emails are becoming increasingly difficult to identify as such at first glance.

eXpurgate solves this problem for you. Before a phishing mail can even infiltrate your inbox, it is reliably detected and removed from circulation. Our spam detection rate of over 99.99 % is above the industry standard. We obtain our data basis from a daily detection of 1 billion(!) e-mails. All our services are “Made in Germany”, which means we guarantee first-class customer service and the legally compliant protection of your data in German data centers.

Arrange a consultation now

©2023. eleven cyber security GmbH. All Rights Reserved.