4300 € gone! A Facebook posting warns of a “Sparkasse Online Banking” window.

A status post has been making the rounds on Facebook since 2015 that unsettles some users. A Facebook user claims that a certain Rene Krauße stole EUR 4,300 from her account. If the user has her way, then the “Sparkasse” is to blame. But that is not the case. The user fell victim to a phishing trap in 2015. We assume that she received a fake email sent by internet fraudsters. Since the status post mentioned has already been shared over 680,000 times, we are again receiving inquiries about it, like this one:

Is this warning justified? Yes, if you know what that means. But be careful: the description itself is a little inaccurate, because the danger does not exist with the official Sparkasse online banking, but the original author may have ended up on a phishing website without noticing.

Regarding the origin of this warning message, which is still distributed regularly today: In 2015, a savings bank customer may have victim to a phishing trap . We assume that she received a fake email sent by internet fraudsters. Having now been shared more than 680,000 times, many Facebook users have probably already seen this warning:

image

As already mentioned, we must at least give the clear warning that there is neither an error at the Sparkasse nor does this problem arise if you go to online banking as normal via the Sparkasse website. The starting point was probably a phishing email that led to a fake website that was modeled on the savings bank's banking system.

Phishing!

We keep reporting on fake savings bank emails . The senders of these emails pretend to be “Sparkasse” and use the bank’s corporate design. The aim of this email is to entice Sparkasse customers to follow the instructions in the email, only to end up falling into a phishing trap that not only costs them their personal data, but can also cause financial damage.

First of all, an important note: The company mentioned (Sparkasse) has nothing to do with the fraud. You yourself have become a victim here, with your name being misused to lure users into a trap! Since the email is sent blindly, it naturally also reaches people who are not Sparkasse customers.

Visually, such an email appears as follows:

image

Equipped with the correct name of the recipient, this email attempts to lure the recipient to a fake website. This is done by installing a central link that you have to click on.

Of course, the story in the email is fictitious and the link does not lead to the official Sparkasse website. This is where the real trap for the visitor lurks. When you access this URL, our Kaspersky Internet Security immediately warns you of a phishing web address.

 

image

Without software protection, a website opens at this point that looks very similar to a real login to Sparkasse's online banking. Anyone who logs in here is actually handing over their access data to fraudsters. As the process progresses, additional data is even revealed, so that these fraudsters can actually end up causing economic damage, such as the missing €4,300 described at the beginning, for example.

 

In this respect: Yes, the warning is justified. But you have to expand it to understand where the real trap lies.

image

General phishing warning:

  • Phishing emails generally try to appear as if they come from the relevant company . With these emails, fraudsters try to obtain personal information, preferably bank and credit cards or other payment information.
  • Protection software is helpful! With updated databases and appropriate heuristics, malicious sites are often blocked. We use Kaspersky protection software .
  • The real “art” of these emails is the story, which is intended to entice the recipient to trust the email and open the inserted link. Expression, grammar and spelling, as well as plausibility and individuality play a very important role here. Especially in the recent past, there have been an increasing number of emails that shined with individuality: they could address the recipient with the correct name and also contain actual address and personal data.
  • However, you can generally note: Banks, payment and purchase portals never ask you to log in to the account using a built-in link! In addition, although a generic salutation is always an indication of phishing, an existing correct salutation is not proof of the authenticity of an email .
  • Tip on your smartphone: Press and hold a link until a dialog window opens with the link preview. This shows where an embedded link should lead.
  • Never log in via a link that is sent by email, but always type the relevant page by hand into the address bar of your browser and log in there. If there are actually announcements for the relevant service, they will be displayed there. In addition, if possible, you should also refrain from conducting banking transactions via public/third-party Wi-Fi networks , as you never know exactly whether (and in an emergency, by whom) these networks are being logged.
  • Never enter real data in the form fields! Under certain circumstances, the data can even while typing without having to confirm with “continue”.


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )