How do fraudsters get away with it

Phishing Radar: Up-to-date alerts

Suspicious e-mails that you have received yourself can be sent to the e-mail address [email protected] hand off. The North Rhine-Westphalia consumer center evaluates the incoming emails. On this basis we inform you about new types of fraud. The consumer data is anonymized.

Please note that we cannot answer your e-mails due to the large number of incoming calls.

On the website of the consumer advice center you will also find:

Comprehensive consumer information for free download,

You can also find daily alerts on Twitter (@vznrw_phishing) and in the Phishing Radar Facebook group.


May 21: Numerous phishing emails from the "Sparkasse" in circulation

Since yesterday we have received numerous phishing e-mails, allegedly from the Savings bank come. Said e-mails were all sent with the subject "customer message", but their content differs greatly from one another. The exact differences in content can be found in the screenshots that we have attached as examples. In all variants that reached us, it is claimed that the recipients are obliged to update their personal data. If you ignore the request, a permanent account lock and a SCHUFA entry are threatened in some variants. Don't let that unsettle you! These types of threats are a popular means of phishing scammers to put pressure on recipients. As usual, we advise you to delete the unanswered emails described here.

May 20: New on the phishing radar: BW Bank

New to the list of companies affected by phishing emails is the Baden-W├╝rttemberg Bank. The email with the subject "Security Notice" is not, as stated, a security notification, but a phishing attempt. Allegedly an "improper use of your card data" was found. To protect you from data misuse, the card has been temporarily blocked. Unblocking takes place only after the linked questionnaire has been filled out. Of course, this request should not be obeyed. All the data that is entered into the form falls directly into the hands of the fraudulent authors. That this is an attempt at fraud can be seen, for example. You can recognize, for example, that the e-mail allegedly came from the Baden-W├╝rttembergische Bank, but was also signed by Landesbank Berlin AG.

May 19: Phishing with no focus

In the middle of the week we couldn't find a specific focus on our phishing radar. Among other things, we received some emails on behalf of PayPal were written. These emails all follow a typical phishing scam that we have encountered frequently. Allegedly, your account "had to be blocked due to too many unsuccessful login attempts". Of course, no unknown third parties tried to access your account. This pretext only serves to unsettle the recipients.

In addition to PayPal, the Savings bank exploited for phishing emails. Said emails have the subject "important updates" and inform about a "mandatory changeover" to a new security procedure. All recipients of the e-mail should register for the new payment system via the attached link by May 19, 2021. The short deadline is intended to put the readers under pressure and induce them to act too quickly. Such threats are often used in phishing emails.

In both cases we recommend ignoring the emails and especially not following the links they contain.

May 18: Deutsche Bank affected by phishing

In the middle of the week the Deutsche Bank after a long break in the focus of phishing criminals. The most recent phishing attempt has the subject "Reminder: Upload the TAN activation letter" and tries to get sensitive account data. As usual for phishing emails, the recipients are asked to confirm their data via a link. This measure is supposed to be part of the Deutsche Bank test system and serves to protect against data misuse by third parties. Further down in the mail there is the threat that the banking services will be blocked if the mail is ignored. This threat is of course part of a nasty phishing scam and is intended to unsettle readers. If you receive this or a similar phishing attempt, we recommend deleting it without answering.

May 17th: New phishing scam: Amazon Prime benefits have allegedly been suspended

At the beginning of the new week are predominantly Amazon- Phishing scammers focus on users. Messages with subject lines such as "Receipt from Team Support" will notify you of a billing issue with your Prime membership. Allegedly, the monthly amount could not be debited from your stored card. In order to avoid a permanent termination of your Prime membership, you have to update the payment information immediately. As usual, this update should be made via an attached link. Do not follow the link and, in particular, do not disclose any personal data. This is the only way to protect yourself from possible financial damage caused by the author.

May 14: Phishing on behalf of the Volksbanks

Shortly before the weekend, numerous phishing attempts with the subject "Important Information" were received, which targeted the customers of the Volks- and Raiffeisenbanken aim. In said emails, the recipients are asked to confirm their data via a link, which is supposed to be necessary. The reasons for the confirmation differ from mail to mail. In many variations, the "new EU security regulations" serve as a pretext for accessing your personal customer information. In some cases, the recipients are even threatened with a complete closure of the account if the request is ignored. Don't let yourself be unsettled! Volksbank will never ask you to provide personal data by e-mail. As usual, we advise you to move such emails unanswered to your spam folder.