The Austrian Health Insurance Fund (ÖGK) is currently confronted with a wave of fraud. Fraudsters send fake emails that promise a refund in order to obtain sensitive data. Recipients are asked to follow a link and enter their credit card details on a fake ÖGK website - a classic phishing attack meant to deceive and financially harm unsuspecting citizens.

These and similar emails read as follows:

“Good morning, you have a pending refund from ÖGK.
Our transaction management system recognizes that you are authorized to receive this payment. Your refund is possible online (124.42 euros)
Registration number 100088684468
Reference OGK-A8005W
To accept the quick online payment, click on the following link and save the refund information.
click here
Austrian OGK.”

Screenshot of the phishing email

How the scam works

The scam is sophisticated and dangerous: At first glance, the emails appear authentic and exploit the trust many citizens have in official institutions. The messages claim that recipients are entitled to a refund, which only needs to be requested online. However, the link in the email does not lead to the official ÖGK website, but to a deceptively realistic fake where personal and financial data is harvested.

The fake ÖGK website. It can also be recognized by its URL!

Screenshot of the fake website

The dangers of phishing

Phishing attacks like this specifically exploit the trust and the lack of security awareness of many Internet users. Scammers aim to steal identities, credit card information and other sensitive data in order to conduct fraudulent transactions or create false identities. The consequences for victims range from financial losses to lengthy processes to restore their identity and financial integrity.

Protective measures and education

To protect yourself and others from such fraud attempts, it is important that both individuals and institutions take active measures. The ÖGK has already warned against this and strongly advises against responding to such emails or disclosing personal information. In addition, it is important to always be skeptical about unexpected financial offers via email and, if in doubt, to ask the institution in question directly.

Questions and Answers: It's better to be safe than sorry

  • Question: What should I do if I receive such a phishing email?
    • Answer: Delete the email immediately. Do not respond or click on any links or attachments contained therein. Inform the ÖGK about the attempted fraud.
  • Question: How do I recognize phishing emails?
    • Answer: Pay attention to spelling mistakes, strange wording and the sender's address. Official institutions will never ask you to send sensitive information such as credit card details via email.
  • Question: How can I generally protect myself against phishing?
    • Answer: In general, be careful with personal information online. Use strong, unique passwords for different accounts and enable two-factor authentication where possible.

The call to action: Together against fraud

The ÖGK and other institutions endeavor to inform their insured persons and the public about such attempted fraud. But it is also everyone's responsibility to be vigilant and report suspicious activity. Only together can we create a safe and trustworthy digital environment.


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic.
2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication.