With phishing e-mails and scam calls, criminals try to obtain bank and credit card data. If you follow the instructions of the crooks, you fall into the trap, and your account is plundered. Only on Wednesday, the platform Watchlist Internet, which specializes in Internet fraud, warned of a corresponding wave in Austria.
Phishing attacks are usually carried out via e-mails that look like a bank has sent them. They say there is a problem with the account and threaten to close the report for a fee. Then the victims are asked to click on a link, says Declan Hiscox of Watchlist Internet: “In fact, you don’t get to the bank’s website, but a fake page that only looks like one.” One’s login data ends up directly with the criminals, says Hiscox.
The e-mail itself is usually not yet dangerous as long as it is in the inbox, says Hiscox. Even if you have clicked on the link and landed on the criminals’ fake site, he says you don’t have to panic yet. At least not if you have an up-to-date operating system installed and have installed all security-relevant updates. This applies to PCs as well as smartphones and other mobile devices.
On the other hand, if you use outdated operating systems or do not perform any updates, it would theoretically be possible for attackers to exploit security vulnerabilities. In such a case, even accessing the fraudulent website could lead to malware being loaded onto the computer unnoticed. However, in practice, this is rarely the case, so there is no need to worry too much, according to Hiscox.
Banks do not request disclosure of login data
It can be stated that a bank never sends e-mails to its customers asking them to disclose account data via a direct link. At best, the customer would be notified if, for example, important information was found in the mailbox of the online account. In such a case, however, the user would have to go to the bank’s website independently. According to Hiscox, a direct link indicates that fraudsters are at work here. The trap is sprung if you follow such a link and enter security codes, passwords, or TAN numbers on the criminals’ fake site. The attackers gain access to the account with this information.
Pay attention to the sender‘s address
A phishing email often demands that you install an app on your smartphone, supposedly for security reasons. However, according to Hiscox, this app is a dangerous malware that allows attackers to intercept TAN numbers or even access the banking app.
Anyone who finds a suspicious email in their inbox should first pay attention to the sender’s address. For example, if this is called “l, “ax@lyse.net,“ as in a recent case, it should be clear that no reputable company is behind it. However, some fake addresses are also more cleverly chosen, for example, in such a way that the name of a bank appears in the first part. Therefore, you should pay particular attention to the part of the e-mail address found after the @ sign. This section reveals the domain from which the letter is sent, says Hiscox. The front area is freely definable by the fraudsters, he said.
In any case, caution is advisable; as recently as Wednesday, Watchlist Internet warned of an increase in such phishing attacks in Austria. The cybercriminals are acting here in the name of well-known companies such as Easy bank, BAWAG, Volksbank, and the telecom provider Magenta.
The telephone offers another attack surface for getting hold of citizens’ money. It is not uncommon for the scammers, colloquially known as scammers, to target old landline connections. The scammers pose as Microsoft service employees, for example. They make their victims believe that malware has been found on the computer and demand remote access to the computer to remove the supposed virus infection.
You should stop such calls immediately and hang up, advises the Watchlist Internet expert. Scammers are skilled at gaining the trust of their victims. For example, by deliberately leading the victims to an area of the computer settings where error messages such as program crashes are registered by default. These messages can appear scary, but they are not intended for users and do not indicate any substantial dangers, says Hiscox.
In the meantime, there are YouTube bloggers and groups like the “Scam-Hunters” who have made it their business to hunt down scammers. For their part, they hack into the criminals’ computers and turn the tables on them. To the delight of the public and the annoyance of the scammers. The scammers usually react badly when they notice that their money so laboriously obtained disappears from their accounts. However, these scam hunters are highly specialized hackers, and their successes are usually achieved by chance.
- source: orf.at/picture: Bild von mohamed Hassan auf Pixabay
This post has already been read 717 times!