Phishing Hunter: Fake Volksbank email misleads customers

With pressure to succeed? Anyone who does not follow the instructions will have to pay €50.

Volksbank customers are intended to be misled using a fake email. The email claims that the credit card is not confirmed and that you should immediately confirm the credit card online. But that's a trap.

Of course, this email does not come from Volksbank but rather misuses the logo, corporate design and the name Volksbank. Volksbank has nothing to do with the email. Visually, the email appears in the following way:

The content of this email is in accessible plain text

 

Dear customer,
we have noticed that you have not confirmed your credit card until today.
For security reasons, it is mandatory to confirm your credit card.
We ask you to start and complete the confirmation using the button below. If you do not comply with this confirmation within the next 14 days, your credit card will be blocked. A processing fee of €49.95 is due. To confirm We sincerely apologize for the inconvenience.
Kind regards,
your VR-Bank card service

Since this email is sent blindly, it will of course also reach people who are not Volksbank customers. But no matter who receives this email, it is a phishing attempt.

Mimikama tips:

If you fall into such a phishing trap, the following measures can help: Security software can help preventatively ! Despite all caution, it can still happen from time to time that you have fallen victim to a phishing attack and have unintentionally disclosed your personal data to third parties. It is important not to panic and to act immediately!

So that you actually know what to do if the worst comes to the worst, simply follow our step-by-step instructions:

1. Contact the company for which your personal user or login information was stolen immediately. Please call customer service to have your account blocked. Banks in particular have a blocking hotline that can be reached around the clock and is available specifically for such and similar cases. Describe your case and your account or user area will no longer be accessible with the old login data.
2. Log in to your user account and check whether you can still log in. If this is still possible, go immediately to the area where you can change your current login details. Set a new password and, if possible, also change the user name and contact address.
3. Check immediately whether account changes or transactions have already been made , as criminals are usually very quick. Check whether, for example, goods have been purchased or debits have been made for which you are not responsible. If this is the case, inform the customer service of the respective provider immediately.
4. Document all abnormalities . Take screenshots, print out bank statements and the phishing email, or forward the email to the company in whose name the cybercriminals sent the phishing email.
5. Contact a lawyer who specializes in internet fraud , describe your case and submit all documents related to the fraud. You should contact the lawyer even if you have not yet reported any damage.
6. 2 -factor authentication (if offered) prevents access even if fraudsters have obtained the access data through phishing.

By the way, there is also hope in phishing that stolen funds, for example from online banking, will be replaced by banks. The basis for this is the Civil Code (BGB). According to § 675u BGB, payment service providers are obliged to replace the stolen payment amounts in the event of unauthorized payment transactions. However, this only applies if the person concerned has fulfilled their duty of care. Further information on the legal basis in the event of damage can be found here .