+49 7131 / 1226 – 500 info@dataglobal.com

ELSTER phishing: beware of fraudulent emails

All information on the current ELSTER phishing in January 2025

Back in August 2024, the tax authorities warned of a new phishing scam in which emails were sent in the name of the ELSTER portal. These messages looked deceptively genuine and were designed to steal sensitive data such as account information and credit card details from recipients.

 

There is currently a new ELSTER phishing scheme in circulation that uses a very similar approach. You can find out everything you need to know here.

Phishing campaigns target ELSTER users

Almost six months ago, the Thuringia Ministry of Finance drew attention to an increasing wave of phishing attacks in which fraudulent emails relating to electronic tax returns (ELSTER) were circulating. As many citizens and companies use ELSTER for their tax affairs, there was an increased risk of the scam being successful.

Users were directed to fake websites that were used to steal account data, access information or credit card details. There was also a risk that malware such as viruses or Trojans could find their way onto the devices of those affected.

New ELSTER phishing in circulation (as of January 2025)

The current ELSTER phishing uses a similar method and lures the recipient with an alleged tax refund for the last tax year (in this case 2024), which the recipient is supposedly entitled to.

 

ELSTER phishing screenshot 1

Among other things, they are asked to provide their ELSTER access data and bank details in order to receive the outstanding amount. There is also a threat of account blocking if the steps are not taken, as “active participation in this process” is mandatory. The websites appear authentic, but have no connection with the real ELSTER platform.

 

ELSTER Phishing Screenshot 2

ELSTER informs users about the current phishing campaign on its website.

How to recognize counterfeits

The fraudulent messages have several peculiarities that should make you suspicious:

 

  • The form of address is impersonal (“Dear customer”).
  • Pressure is exerted by urging immediate action.
  • There are threats of disproportionate penalties, such as the blocking of the ELSTER account.

Protect yourself!

Do not open any links or attachments and do not disclose any personal data. The tax administration does not send tax data or invoices as e-mail attachments and does not request sensitive information by e-mail.

Recommendation: If you receive suspicious e-mails, contact the company or authority directly via the official channels to verify the authenticity of the message. Do not reply to the e-mail under any circumstances and do not follow any instructions contained therein.

In addition to these measures, we recommend using software to protect your email communication. Opt for a professional email security solution and minimize the risk of becoming a victim of cybercrime.

 

More news

Social engineering – 6 tips on how companies can protect themselves

No matter how good the technical security precautions in companies are: The human factor is often the weakest link in the security chain. In social engineering, cyber criminals exploit this potential vulnerability by faking a personal relationship with the victim in order to carry out their criminal activities. How do you recognize social engineering and how can companies protect themselves and their employees?

read more

Digital document management system – Find out everything you need to know about DMS.

The efficient management of digital documents is a necessity in the modern working world. A digital document management system (or “DMS” for short) is therefore becoming a must-have for companies – and not just for corporations, but also for SMEs. In this article, you will find out what a digital document management system actually is, what functions it fulfills and what advantages it can offer your company.

read more

Managed IT services: Is it worth it for my company? Can I simply outsource my IT?

Managing and monitoring their IT poses challenges for many companies. There is a lack of resources to set up an in-house support team that is up to the task. Managed IT services offer one solution, with external specialists taking over individual IT sub-areas through to complete IT operations. Find out here what Managed IT Services actually are, what advantages they offer and whether the model is also worthwhile for you.

read more

 

Arrange a consultation now

"]

Your Digital Workplace - Solutions

Security

Email Security Cloud

Email Security On-Premise

Workflows

Digital Travel Expense Report

Digital Contract Management

Digital Purchase Requisition

Digital File Solution

Business Process Management

Managed Service

Managed IT Services

Managed Services für ECM

Phishing Mail Report January 2025

Welcome to the first phishing mail report of the...

Clean Desk: Efficiency and order at the workplace

In the modern world of work, the concept of the...

10 facts about eXpurgate – Get to know us now!

Did you know that, according to the consumer...

1 billion emails a day – eXpurgate’s impressive detection rate

What makes our email security solution eXpurgate...

Phishing Mail Report December 2024

Welcome to the Phishing Mail Report for December...

E-invoicing for small businesses: How to master the changeover

From 2025, the receipt of electronic invoices...

Content & News Hub

News

Whitepaper

Success Stories

Know - what is...?

Press

Events