Sparkasse plagued by the S-CERT fraud: “Important account note” poses a risk for bank customers. The Verbraucherzentrale (consumer center) NRW is currently warning of a new phishing scam. This affects customers of the Sparkasse.
Banks and Sparkasse are particularly often affected by phishing attacks. The cyber criminals keep coming up with new tricks to get at the sensitive data of bank customers. There is a new perfidious scam is currently making the rounds that target Sparkasse customers – the S-CERT fraud.
S-CERT fraud: Cyber fraudsters lure Sparkasse customers with alleged security procedures
As the consumer advice center in North Rhine-Westphalia currently reports, the fraudsters are trying to appear serious with a particularly sophisticated fake. In the current phishing e-mail, Sparkasse customers are informed that the Sparkasse is said to be introducing a new security system that should ensure more data protection.
Supposedly, the new procedure called S-CERT should soon be standard at the Sparkasse. At the same time, customers are asked to find out more about the procedure via a link in the fake mail. It contains the subject “Important note about your account” and the title “We are changing our procedure”.
New phishing scam: Warning of this fake email on behalf of Sparkasse
As is so often the case with such phishing emails, the fake email looks very similar to the real letters from the Sparkasse. Contrary to what is often the case, the current fraud does not attract attention through frequent spelling errors. In the wording it says:
We have to inform you that we will soon implement a new security procedure for our customers. With our new, distinctive security procedure called S-CERT, your confidential data is encrypted even better and is therefore even more secure. Due to a new data protection reform, we have to make every customer aware of our new system. So that you can familiarize yourself with our new system, we ask all of our customers to find out about the new features using the link below. Log in conveniently using the button. (…)
Customers are supposed to receive important information via the button “About the procedure” that follows. Instead, the attempt to access account data of Sparkasse customers is hidden behind it. On the linked website, customers are asked to enter their login data.
Warning from the Sparkasse: S-CERT fraud is also circulating via SMS
As the Sparkasse itself explains, another “S-CERT fraud” is also in circulation as an SMS. Under the pretext that an account has allegedly been restricted and that customers now have to register for the new “S-CERT procedure”, attempts are being made to obtain online banking access and other personal data.
Particularly bold: Customers are also asked to confirm an alleged test transfer via TAN.
The computer emergency team of the Sparkassen-Finanzgruppe warns “urgently” that this could lead to fraudulent online banking transfers. Customers who have already entered data should contact their Sparkasse immediately.
Phishing at Sparkasse – important information for affected customers
Anyone who has received a suspicious email as a Sparkasse customer can report it to the Sparkasse. Simply forward the email to firstname.lastname@example.org.
The Sparkasse also explains on its website that customers would never be asked in real emails to enter account details via a linked website. This also applies to every other bank and every reputable Internet retailer.
Useful information from Sparkasse:
Fraudulent emails (phishing emails) are currently being distributed on behalf of Sparkasse. The e-mails have subject lines like “Message from your Sparkasse <random number sequence>”. Under the pretext of acquainting yourself with a supposedly new security procedure called “S-CERT”, you should be persuaded to call up a fraudulent web page (so-called phishing page). A characteristic of these emails is that they contain a QR code that leads to the fraudulent web pages. There you will be asked for your Sparkasse, your online banking access data, data on your Sparkasse Card and other personal data.
CAUTION: Please do not enter any data on the phishing page. Otherwise your data could be misused by fraudsters, e.g. B. to call you on behalf of your Sparkasse and induce you to use a TAN. This can lead to fraudulent online banking transfers on your behalf.
The computer emergency team of the Sparkassen-Finanzgruppe therefore urgently warns against these e-mails. If you have already entered data, please contact your Sparkasse immediately about blocking your online banking access.
- Do you speak banking German fluently?
- The top 15 mobile banking apps in Germany every Expat should know
- What Expats need to know about banking in Germany?