A user sent us a screenshot of the SMS he received in the name of the savings bank. – Thank you very much for sending me this information and for the information.

The frightening thing is that the sender number was probably “spoofed”, so that recipients feel a false sense of security and could therefore open the links with confidence.

Fake SMS in the name of the savings bank

As you can see from this SMS history, “Sparkasse” appears as the sender. You can also see a message here confirming an appointment for the user. Below there are two SMS messages sent from the same number.

SMS history/screenshot
SMS history/screenshot

If you open the links listed in the SMS, you will immediately receive a warning from the antivirus program for both:

Screenshot: Warning when accessing the URL
Screenshot: Warning when accessing the URL / SMS from August 21st

The page behind this link, which is contained in the SMS from August, is currently not (any longer?) filled with content; there is only a “Privacy Policy” here, which does not contain any information, just general text.

Screenshot: Warning when calling the URL spk-push.app
Screenshot: Warning when accessing the URL spk-push.app / SMS from October 28th - in the screenshot “Today”

If you ignore this warning, you will reach a website that is modeled on that of the Sparkasse. On this you will be informed that the pushTAN procedure will expire on November 6th. is updated. A “Complete” button leads you to selecting your branch. You will then be asked to enter your login details.

The user who sent us the screenshot of this SMS also reported this to his bank advisor. The feedback was that he found the fake site to be frighteningly realistic. This, and the fact that the Sparkasse's phone number was spoofed, could lead many customers to trustingly enter their bank details on these sites.

“Spoofing” – what is it?

The term “spoofing” is derived from the English word “spoof”, which means “to pretend” or “to fake”.
With “spoofing”, criminals try to get personal data from victims by simulating a call or, as in this case, an SMS from the Sparkasse and using the associated phone number. Now you might think that you can tell with some certainty from the phone number who is calling or sending a message. But that is exactly not the case and the perpetrators take advantage of it. The victims often suffer great financial damage.

If you are unsure: ask

If you are not entirely sure whether the message could have come from the sender listed, simply ask directly.

This has the additional advantage that the alleged sender finds out about fraudulent activities in his name, can take action against it and can also warn and inform his customers or users in advance.

The Sparkasse has summarized some tips on the subject of “phishing” on its website:

“What is phishing?”

This might also be of interest: Bank employees do not ask for TAN numbers and other access data
Sign up for the Mimikama newsletter

Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )