The forms of these fraud messages have changed with the spread of smartphones through SMS, short messages or messenger services, but the aim of the messages, to obtain the personal data of the other person, has remained the same.

Last week, financial investigators from the Rhein-Sieg police filed a report in which a fake or phishing SMS led to the perpetrators being able to activate the victim's bank card for mobile payment, which they then used to go shopping.

First, the injured party, an 18-year-old teenager from Troisdorf, received a fake text message from his bank. There was a link to a website, supposedly to update the TAN procedure. The 18-year-old clicked on the link and came to a website that was also fake, but it suggested that it was not available due to server problems. A short time later he received a call from what was supposed to be an employee of the bank, who stated that the server problems continued and that he would now carry out the TAN update process over the phone. Ultimately, the young man gave away the access data for his bank account and a TAN. So much for a well-known approach.

From here on, the perpetrators used a new option to get the young man's money. Using the carelessly given out data, the fraudsters created a virtual bank card. This made it possible for them to pay for purchases using their smartphone or smartwatch and to debit the Troisdorf resident's account. A total of six purchases were made with a purchase value of over 1,100 euros.

The tips from the police are as old as the phishing messages:

Never give out personal information over the phone! Your bank will never ask you for your account access details or a TAN over the phone!

So if you receive a message via email, SMS or text message that has at least one of the following characteristics, you should be suspicious. Because then it is most likely a phishing email:

  • The text of the email states that urgent action is required, for example: “If you do not update your data immediately, it will be irretrievably lost…”.
  • Threats are used: “If you don’t do this, we will unfortunately have to block your account…”.
  • You will be asked to enter confidential information such as the PIN for your online banking access or a credit card number.
  • The email contains links or forms.
  • The email appears to come from a well-known person or organization, but the sender's request seems unusual.

If possible, protect your online data with 2-factor authentication (2FA). Access to bank or email accounts, for example, is only possible after entering access data into two security components that are as independent as possible. For example, you enter your password on your computer and you also have to type a PIN into your smartphone. This ensures that data thieves cannot do anything with just your password.

Sources

Federal Office for Information Security,
Rhein-Sieg District Police Authority


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )