A large number of fraudulent phishing SMS messages are currently being sent in the name of Raiffeisen Bank.

Apparently a PushTAN registration should be completed. The linked website looks confusingly similar to the real Raiffeisen website. But our cooperation partner Watchlist Internet warns: under no circumstances should you enter your own online banking data here. These end up directly in the hands of criminals.

You may have received an SMS in the name of Raiffeisen Bank in the last few hours. If you don't have an account with this bank, it's easy to classify it as a fake. But if you are actually a customer of the bank, the SMS can inspire trust at first glance:

Screenshot of the relevant SMS
Screenshot of the relevant SMS

Raiffeisen invites you to complete the PushTAN registration by clicking here: https://elba-app.com/mobiletan/

The message is written in perfect German and the link is difficult to immediately recognize as fake.

[mk_ad]

The linked website

If you follow the link, you will land on a website that is almost indistinguishable from the real login page:

Before entering your online banking details, be sure to check the address of the website you are currently on. In the first picture you land on the website “elba-app.com”. This has no connection to Raiffeisen Bank and was created by criminals.

You can see the real web address in the second picture. As of September 24, 2020, it is sso.raiffeisen.at/login/#/identifier/verfueger.

How can you classify the message as fake?

  • Your bank will not send you SMS messages with links to the online banking login. You must always access this website independently or use your relevant banking app.
  • The messages are written impersonally.
  • The website you land on after clicking on the link does not come from Raiffeisen Bank. This can be seen from the web address.

Have you already entered your details?

If you have entered your login details on the fake website, you need to act quickly. Change your login details and contact your bank immediately. Clarify further steps to avoid damage.

If damage has already occurred, a police report is essential.

You might also be interested in: The aftermath of a phishing email

Source: Watchlist Internet
Sign up for the Mimikama newsletter

Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )