Last week they received a text message that apparently came from a savings bank. Via a link to an alleged website of this savings bank, they were asked to confirm their bank details for a new “Push-Tan” procedure. The couple complied with this request. As it later turned out, the website was probably a fake site designed to harvest bank details.

Image: Screenshot of a fake SMS from the Sparkasse
Image: Screenshot of a fake SMS from the Sparkasse

Unknown perpetrators had now debited a sum of money in the mid-five-figure range from the couple's account. The couple file a complaint.

The police advise:

  • Do not open a link to a bank site that is offered to you via email, chat (WhatsApp) or SMS. Always access your online banking via the internet address you know or, even better, in the banking app. If you are unsure, ask your bank advisor using the phone number you already know.
  • If you receive such a message, block the sender of the message via your operating system.
  • Check carefully which orders you release with a TAN when you are asked to do so.
  • Use an online banking limit that is tailored to your normal payment behavior. This can be changed by you at any time.
  • Keep your smartphone software up to date

The Sparkasse writes:

How does SMS phishing work?

SMS text message phishing – also known as smishing – is a type of cyberattack that uses misleading SMS messages to trick you into revealing valuable information. Disguised as a bank, a fraudster sends an SMS asking the recipient to update their details or check something in their account. Otherwise, for example, there is a risk that the account will be blocked.

 The message contains a link to a website where the user enters their login details. By entering this, fraudsters receive the combination of username and password for an account.

In order to make a transfer from an account, the fraudster now needs a TAN. SMS phishers often simply call the person being scammed and ask about it.

How to recognize phishing SMS

  • Phishing SMS messages come either from unknown numbers or from a number in your address book. If a phishing SMS comes from a known number, that person's cell phone may have been infected. Check the style and spelling of the message. This often shows whether the message actually comes from the person.
  • You will usually be asked to follow a link in the SMS. You should definitely refrain from doing this.
  •  If your contact's cell phone is affected, you will usually receive more personal messages. You are often asked to follow a link to see photos from your last vacation, for example. Be suspicious as soon as you have to enter personal information. In rare cases, you are already booking expensive services by clicking on the link.
  • If you would like to be called by your savings bank and arrange a callback online, you will not receive an SMS from us. If you do receive one, please call your branch again to be on the safe side.
  • Parcel services such as DHL also do not send notifications via SMS. Under no circumstances should you open the link contained therein.

Where do the scammers get their phone numbers?

The fraudsters do not get the phone numbers from credit institutions or from hacked online banking accounts, as some people think. They often come from retailers who sell this data in large quantities. This is another reason why it is advisable not to give out or publish telephone numbers and other personal data such as addresses or email addresses carelessly.

How can I protect myself?

As a general rule, your credit institution will never ask you to reveal your personal access data - neither by SMS, email or telephone. Therefore, never respond to a request to reveal your login details or a TAN.

Source: Kleve District Police Authority

Related to the topic:
Tips for preventing spam and phishing


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )