To improve our site for you we would love to record your visit. Of course this is 100% privacy compliant and completely anonymous. Your choice is stored in a cookie. Can we count on you?

More about Data Protection and Cookies at www.eBlocker.com
No OK
cart 0

Phishing: When Criminals go Fishing by e-mail

Phishing: When Criminals go Fishing by e-mail
| Editorial Staff

More and more fraudsters try to lure unsuspecting Internet users to manipulated Internet sites with deceptively genuine phishing e-mails. Anyone who enters access data or passwords here has fallen into the trap. 

More and more perfect – more threatening. Even experts often have to look closely at phishing spam to see if it is not a “real” message. Because nowadays, messages with a fraudulent background are presented in a very professional way. With phishing e-mails, online thieves literally “fish” for their access data, i.e. “fish” passwords and other access data. To do so, the fraudsters send fake e-mails that look as if they came directly from a bank, a credit card company or a payment service such as PayPal. With this they want to lure the recipient to fake Internet sites, on which the recipient is then supposed to type in account numbers, passwords, PINs and transaction numbers (TANs) “for verification”.  If the victim is trapped, the scammers plunder the account or go on a shopping spree. Although the number of phishing attacks has declined slightly recently, the gangs behind them are taking an increasingly professional approach. It wasn’t long ago that phishing messages were easy to recognize due to many spelling mistakes and absurd presentation. Those days are definitely over.

Phishing is becoming more and more sophisticated

Most phishing e-mails can no longer be identified as such at first glance. Meanwhile, for example, the victims are contacted personally (“Dear Mr. Müller”), the sender address is trustworthy (for example “service@paypal.de”) and spelling and design are flawless. In addition, some of the links contained link to “real” Internet sites, only the one that leads to the entry of personal data redirects to the fake hacker site. This can then hardly be visually distinguished from the real company side.

So how do you find out about phishing? The most important characteristic: Phishing messages always follow scheme F. hanger is usually a security problem, or some other difficulty that supposedly needs to be solved. To emphasize the whole thing, threats such as blocking accounts or cards usually follow if the recipient does not act immediately. To solve the problem, victims give away their data. All it takes is a click on a link contained in the e-mail that leads to an Internet page on which the victim then has to enter the secret data.

Detect phishing emails

Rule number one: Banks, payment services and other companies NEVER ask for passwords, credentials or other personal information by email or phone. Anyone who heeds this rule is actually already on the safe side. But people are people. It can well happen that one is not really at the thing or does not look exactly. And that’s it. The following rules are important.

  • Be suspicious: Be aware that banks, payment services and other companies never ask for passwords, credentials or other personal information by email or phone.
  • Do not click on the link: If you think there may be something true in a warning message, you should not click on the link in the e-mail, but manually log on to the real service in a new browser window and check for yourself whether something is wrong.
  • Do not open any file attachments: Never open attachments of e-mails of unknown origin without hesitation. It makes no difference whether the files are apparently harmless, such as images, documents or other files.
  • Don’t answer the request: Never respond to phishing spam: In this case, the cyber-gangsters know that the email address is actually being used. This will hail even more spam and phishing emails.

Who is liable for phishing?

The money’s gone? Who is responsible for this? Banks always refer to their general terms and conditions in phishing cases. There you will usually find passages describing the customer’s duties of cooperation and care. The banks are fine with that. This was also confirmed by the Federal Supreme Court (BGH) in a 2009 ruling, and in July 2011 the Landshut Regional Court ordered a bank to repay in full. A phishing victim was cheated out of 6,000 euros in this case. The crux of such proceedings is the question of whether the customer can be proven to have breached due diligence, which gives rise to a contractual claim for damages by the bank against him. Paragraph 675v BGB stipulates that bank clients are only liable for “gross negligence”, but not for simple negligent conduct. In other words, liability varies from case to case. But if you fall for a simple phishing e-mail and cheerfully reveal registration data as well as PINs and TANs, you usually have bad cards.

Back to Category Overview