German banking scam could soon be used to target other countries

So-called phishing attacks, where scammers try to trick you into handing over personal information, are becoming ever more elaborate. As we all get more familiar with the signs of a scam, the scammers have to get more cunning, and one way they’re doing this is by play on our fears.

Right now, as reported by PCWelt, a new spate of emails are flooding inboxes in Germany, pretending to be from the well-known Volksbanken Raiffeisenbanken bank with the worrying subject line “System Alarm Code”.

If anyone opens the email, they’ll see the bank’s logo and a big warning written in orange: “ATTENTION! Suspicious transfer cancelled!”

The email is impersonal, opening with ‘Dear Sir or Madam’, and proceeds to explain that the bank’s security system has intercepted a “very suspicious transfer” of €4999.

The customer is led to believe that the money was intended for transfer from their account to a foreign account which is unknown to the bank. And because this kind of behaviour could be a hacker, the bank has cancelled the transfer.

The email continues to say that cancelled transfer won’t be shown in the list of transactions in the customer’s online account.

It’s a clever scam, because the fraudsters are covering the possibility that people will spot the ruse and become suspicious when they log onto their online banking and see no evidence of the reported transfer.

Of course, the scammers still need a way to get the victim’s login details. That’s why the email then tells the customer that they need to “re-authenticate” to make sure that their account hasn’t been hijacked.

As you can probably guess, the customer is told to click on a link in the email. In this case, it’s an orange button labelled “To the homepage”. But, of course, it doesn’t take them to the real online banking page, but to a fake website which looks just like it, and that’s where the customer’s login details are stolen.

It’s relatively easy to spot the red flags. The email sender’s address is ichbincoooool2@t-online.de (obviously fake, even to non-German eyes). And while the idea behind the scam is convincing enough, the email is littered with spelling mistakes. And, naturally, the bank would never send you an e-mail with a link to log in. Instead, you should always type in the bank’s genuine web address, or click on a favourite / bookmark you’ve previously saved in your web browser.

There’s nothing to suggest that that the scammers already know who is a customer of the Volksbanken Raiffeisenbanken bank: it’s likely that the email is being sent to as many addresses as possible in the hope that some of the recipients will be customers of the and that at least some of them will fall for the scam.

And that’s why there’s a good chance the scammers will soon start sending similar emails to people in other countries, including the US and UK.

If you do receive such an email, delete it without clicking on anything in it.

How to spot a phishing scam

Here are five simple checks you can make to try and identify if the email – or other message – you’ve received is a scam or not.

1. Check the sender. Phishing emails often have a sender addresses that doesn’t match the organisation they purport to represent.
2. Look for spelling and grammatical errors. Official communication from any bank or financial entity shouldn’t contain typos or bad grammar, and certainly not multiple instances.
3. Is there a sense of urgency? Cybercriminals often use hooks such as the cancellation of the service or account, fines, penalties for not accessing your account quickly. Be wary of all these cases and situations.
4. Fake links. The links usually appear to correspond to the legitimate website or contain a text that refers to being “clicked”. Hover your mouse over it (or look at the URL in your web browser’s address bar) and see if it is the genuine address for the bank or service in question.
5. Impersonal communications. Emails and messages from legitimate companies usually refer to their recipient using their first and last names. By contrast, cybercriminals don’t typically have that data, and so use generic terms such as Dear Sir or Madam.

It’s also a good idea to run up-to-date antivirus software, ideally a package that include scam warnings, and prevents you from visiting phishing websites.