Thank you for still existing! Thank you for the fact that there are still phishing emails that can be recognized quite quickly based on their expression and are therefore not quite as dangerous.

Important note: The company mentioned (Card Complete) has nothing to do with the scam . You yourself have become a victim here, with your name being misused to lure users into a trap!

Like the following phishing email, which looks nice at first, but quickly reveals itself at second glance.

image

Because here you read:

Ladies and Gentlemen

we will inform you that your card has been blocked.

check your card by simply clicking on the link below,

under which you can take you to a website.

After this verification you will be able to use your card for all online services.

  • Activate my card

Thank you for your understanding,

Card complete Service Bank AG

Security card service

Lassallestrasse 3 1020 Vienna

Alright thanks! This is phishing. Kaspersky Internet Security also confirmed the same to us after we clicked the link behind “Activate my card” as a test.

image

If you follow the link, a page opens that at least looks similar to the Card Complete registration. Various input fields expect input, in this case sensitive credit card data. We warn against providing truthful information on these sites as they will end up in the hands of fraudsters.

image

General phishing warning:

  • Phishing emails generally try to appear as if they come from the relevant company . Fraudsters use these to try to get personal data, preferably bank credit cards or other payment data.
  • Protection software is helpful! With updated databases and appropriate heuristics, malicious sites are often blocked. We use Kaspersky protection software .
  • The real “art” of these emails is the story with which the recipient is supposed to trust the email and open the inserted link. Expression, grammar and spelling, as well as plausibility and individuality play a very important role here. Especially in the recent past, there have been an increasing number of emails that shined with individuality: they could address the recipient with the correct name and also provide actual address and personal data.
  • However, you can generally note: Banks, payment and purchase portals never ask you to log in to the account using a built-in link! In addition, although a generic salutation is always an indication of phishing, an existing correct salutation is not proof of the authenticity of an email .
  • Tip on your smartphone: press and hold a link until a dialog window opens with the link preview. This shows where an embedded link should lead.
  • Never log in via a link that is sent by email, but always type the relevant page by hand into the address bar of your browser and log in there. If there are actually announcements for the relevant service, they will be displayed there. In addition, if possible, you should also refrain from conducting banking transactions via public/third-party Wi-Fi networks , as you never know exactly whether (and in an emergency, by whom) these networks are being logged.
  • Never enter real data in the form fields! Under certain circumstances, the data can even while typing without having to confirm with “continue”.
Sign up for the Mimikama newsletter

Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )