Phishing online banking attracts crooks. Online crooks fish millions of times over account data: By sending spam e-mails, they steal secret access information in order to then clear away unauthorized cash.
Online crooks fish millions of times over account data: By sending spam e-mails, they steal secret access information in order to then clear away unauthorized cash. The electronic mail contains false links that do not lead unsuspecting users to the homepage of their bank or savings bank as intended, but to the almost perfectly replicated Internet pages of the fraudsters. There are similar problems with online retailers, online payment services, telephone providers or parcel services. With this password fishing (English: “Phishing”) the user is asked either to enter the account number and PIN, or asked to activate the account for security reasons by entering the code, or alternatively to open a file that contains a malicious program.
Whoever follows this request will really activate the account – for access by the fraudsters. The following tips will help online thieves avoid the phishing network:
- Use modern software : Antivirus software is a must on every computer with Internet access. Modern internet browsers also offer protection against phishing attacks. It is important to always use the latest version of the software and to regularly update the antivirus program, the Internet browser and the operating system in the meantime. Many antivirus programs do this automatically. Last but not least, customers should find out what security precautions the financial institution takes in online banking to ward off fraudulent attacks.
- Create a secure address: To be on the safe side, you should always enter the Internet address of your own bank yourself or create a link in your browser. Mistrust is called for when it comes to links or information on third-party websites and functions that create a link for the user. Under no circumstances may a link in an email be used. When using online banking, make sure that you use a secure https connection and never an unencrypted http page. Such an https page is usually displayed in the browser by an encryption symbol – for example in the form of a small lock. Attention:Criminals are also working more and more with https pages when attempting fraud. Therefore, an https alone is not a guarantee that the website belongs to the real provider.
- Be suspicious: If the house bank does not send any other e-mails, the message in the e-mail inbox is most likely not genuine. Any links sent should not be clicked on under any circumstances.
Links that contain long cryptic attachments in the browser window are particularly dangerous. The address of the fraudulent server is sometimes hidden in an extremely sophisticated way. Even advanced users can easily overlook this – especially since the wrong Internet address they are surfing looks very similar to the real pages of the bank. In addition, phishing emails usually contain a request for sensitive personal data such as a password or PIN. No matter how plausible the reason for this sounds: Credit institutions never email their customers to send secret data.
- Act quickly : Anyone who has nevertheless become a victim of a phishing attack and entered a password, PIN or TAN on a fraudulent site should act quickly. If possible, the PIN must be changed immediately. In any case, your own bank should be informed immediately and online access and the account blocked. Then report it to the police – phishing is a criminal offense. The e-mail that led to the erroneous entry of confidential data should be made available to credit institutions and law enforcement agencies to assist them in their investigations. Under no circumstances may this be deleted afterwards, as it is important evidence.
- Keep an eye on your account : It is generally advisable to check your account statements regularly. This way, incorrect or fraudulent debits can be detected early.