Phishing Report for April/May 2023
In this monthly series, we provide information about phishing e-mails that are currently flooding e-mail inboxes and can cause great damage in some cases. Here you can find out which scams you should be particularly wary of in April/May 2023, what is behind the phishing emails and how you can protect yourself.
In April/May 2023, fraudulent and dangerous emails are once again circulating and landing in the inboxes of unsuspecting recipients. Criminals try to use phishing emails to grab your data and trick you with well-known names such as Disney+ or Amazon as the sender. Find out everything about the latest phishing cases here.
DKB: Request for verification
This phishing e-mail is currently unsettling many DKB customers – especially since it appears authentic at first glance. Allegedly, the online banking profile had been blocked for security reasons. In order to reverse this measure and continue to use the services, a confirmation from the account holder is required. The mail immediately asks the user to carry out the verification process, to “take three minutes” and to click on the login link. Otherwise, the card and the entire account could be blocked in addition to the online profile.
The fact that such drastic measures are threatened immediately is striking – a reputable bank would definitely proceed differently in its customer communication. Definitely a case for your spam folder or the trash!
Consorsbank: Alleged protection through new AI program
Another phishing attempt addressing the clientele of a bank. In this case, the mail allegedly originates from Consorsbank. It warns of the perfidious tricks of criminals who try to steal the money or even the identity of their unsuspecting victims – so this is what irony looks like for cybercriminals. It almost sounds funny, if it weren’t so dangerous for Consorsbank customers who could fall for this scam. An AI program has now been developed to protect customers from such fraud. It even drops the promise that by using the AI program you will definitely “never be a victim of fraud”. All the recipient has to do now, he said, is click on the link below to give his consent.
All in all, a brazen attempt at fraud. In addition to the strange content, the absence of Consorsbank in the sender address also points to a phishing case.
Disney+: Payment information update
This phishing email with the headline “Payment failed” is currently landing in countless mailboxes. Alleged sender is Disney+. Those who actually subscribe to the streaming provider might feel addressed here at first. Allegedly, the subscription had expired and therefore one had to update the payment information in order to continue using the services as usual. The recipient should click on the “Log in” button to confirm his data. If this request is not complied with, the account will be closed after 48 days and closure fees of up to €19.99 will be charged – no reason is given as to why this is necessary. The impersonal form of address (“Dear Customer”) and the lack of a comma after the salutation are also noticeable. Please do not fall for it, but directly into the trash with it!
Amazon: Account suspension due to unauthorized login activity
Almost everyone now uses Amazon for online shopping – apparently a good reason for cybercriminals to send phishing emails under this banner and trick unsuspecting Amazon customers. This latest mail claims that an unauthorized login activity on an unusual device has resulted in the temporary suspension of the account. In order to fix the problem, the customer would have to update the account information by clicking on the button labeled “Update my account”. The mail closes with a threat: if the account is not verified in this way within 48 hours, the system threatens to automatically delete the account. In addition to the impersonal and incorrect form of address (“Tag” was written in lower case here), the informal farewell (“Grüße”) is also striking.
Postbank: Activation of the web security system
We have received particularly frequent reports of this scam, which targets Postbank ‘s clientele. The customer would have to activate “the new web security system” and take action to fix the problem as soon as possible. Underneath, a button with the inscription “Activation of Postbank BestSign” is emblazoned. The already very short text of this mail seems to be copied together and is also incorrect. A phishing attempt to die for!
Advanzia Bank: Update of contact information
Another phishing attempt under the guise of a well-known bank. The recipient will be prompted to update their contact information to avoid service interruptions. To do this, he would have to log in via a link in the notification center. In this case, the salutation as well as the design of the mail appear inconspicuous and could initially convey a serious impression. Nevertheless: This phishing e-mail belongs unanswered in the spam folder .
How do you recognize phishing emails?
Are you unsure whether it is phishing or an authentic mail, for example from a streaming provider? Then, if in doubt, always check your account first via the official website or log in to your app if there is one. Here you can quickly see whether the account has really been blocked or your subscription has expired. This will help you nip many fraud attempts in the bud before any damage is done.
Here is a list of typical characteristics of phishing emails:
- Orthography and grammar errors
- Impersonal salutation (“Dear Customer”)
- Official logos, but no official sender addresses of the companies
- Query sensitive information
- You are not a customer of the alleged sender
- Direct threat of sometimes drastic consequences in case of non-response
- Embedded links
- Files attached and the request to open them
eXpurgate reliably detects spam and protects against phishing e-mails
The methods of cyber criminals are becoming increasingly professional and phishing emails are often hardly recognizable with the “naked eye”. In some cases, none of the above characteristics apply and it is still phishing. Reliable protection can only be provided by a system that uses AI to detect and fend off malicious mails.
An e-mail security solution such as eXpurgate offers you precisely this high level of protection, so that from now on you are immune to phishing attacks. The software efficiently protects you from spam and removes harmful emails before you and your employees even come into contact with them. With a detection rate of 99.9%, eXpurgate offers optimal all-round protection, which efficiently prevents the unintentional installation of malicious software as well as data and identity theft. For maximum security in e-mail communication – Made in Germany and individually adapted to your requirements.
©2023. eleven cyber security GmbH. All Rights Reserved.