A status post has been making the rounds on Facebook since 2015 that still unsettles some users in 2018.
A Facebook user claims that a certain Rene Krauße stole EUR 4,300 from her account. If the user has her way, then the “Sparkasse” is to blame for this.
But that is not the case.
The user fell victim to a phishing trap in 2015. We assume that she received a fake email sent by internet fraudsters. Since the status post mentioned has already been shared over 580,000 times, we are again receiving inquiries about it.
The status post as wording:
To everyone who uses Sparkasse online banking!!!! When you log in and a window should open where it says that it is now being checked whether Sparkasse online banking is secure PLEASE don't click any further, a rene krauße took 4300 @ for me... Please share this even if you are not a Sparkasse customer since!!!!
Fact check
We keep reporting on fake savings bank emails . The user herself fell victim to such a scam in 2015.
The senders of this email pretend to be “Sparkasse” and use the bank’s corporate design. The aim of this email is to entice Sparkasse customers to follow the instructions in the email so that they end up falling into a phishing trap, which not only costs them their personal data, but can also cause financial damage.
First of all, an important note: The company mentioned (Sparkasse) has nothing to do with the fraud. You yourself have become a victim here, with your name being misused to lure users into a trap! Since the email is sent blindly, it naturally also reaches people who are not Sparkasse customers.
Visually, this email appears as follows:
Here it reads:
Confirmation needed!
Dear [***],Our system has determined that the data you have stored with us needs to be confirmed for security reasons.
Please follow the link to
confirm your data free of charge.Otherwise, you must debit your account with €49.99 and request the change in writing by post.
Kind regards,
your savings bankSparkasse Finance Portal GmbH
In this email, the term “link” is actually accompanied by a link that leads to a fake website. This is where the real trap lurks for the visitor. When you access this URL, our Kaspersky Internet Security immediately warns you of a phishing web address.
Behind the address “www. bulden-consultd .com” is a website that in turn redirects you to a phishing trap. There you will initially find a fake login, which is based on a login for the savings banks' online banking.
After this supposed login, personal and address details are requested in several steps and ultimately you are also asked to enter sensitive bank details.
General phishing warning:
- Phishing emails generally try to appear as if they come from the relevant company . Fraudsters use these emails to try to obtain personal information, preferably bank and credit cards or other payment information.
- Protection software is helpful! With updated databases and appropriate heuristics, malicious sites are often blocked. We use Kaspersky protection software .
- The real “art” of these emails is the story, which is intended to entice the recipient to trust the email and open the inserted link. Expression, grammar and spelling, as well as plausibility and individuality play a very important role here. Especially in the recent past, there have been an increasing number of emails that shined with individuality: They could address the recipient with the correct name and also contain actual address and personal data.
- However, you can generally note: Banks, payment and purchase portals never ask you to log in to the account using a built-in link! In addition, although a generic salutation is always an indication of phishing, an existing correct salutation is not proof of the authenticity of an email .
- Tip on your smartphone: Press and hold a link until a dialog window opens with the link preview. This shows where an embedded link should lead.
- Never log in via a link that is sent by email, but always type the relevant page by hand into the address bar of your browser and log in there. If there are actually announcements for the relevant service, they will be displayed there. In addition, if possible, you should also refrain from conducting banking transactions via public/third-party Wi-Fi networks , as you never know exactly whether (and in an emergency, by whom) these networks are being logged.
- Never enter real data in the form fields! Under certain circumstances, the data can even while typing without having to confirm with “continue”.
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )