+49 7131 / 1226 – 500 info@dataglobal.com

Phishing Mail Report for October 2024

Welcome to the Phishing Mail Report for October 2024.
Once again this month, dangerous emails disguising themselves as well-known companies are making the rounds in order to steal sensitive data.
As usual, the fraudsters are posing as trustworthy companies, including well-known names of streaming services, online stores or banks where many recipients are customers.

 

In our report, we take a closer look at the most frequently reported phishing emails in October and show you how to recognize them.
As always, the analyzed data is based on the findings of the eleven Detection Lab of the dataglobal Group.

 

Particularly frequent phishing cases in October 2024:

  • German Railways
  • ÖGK (Austrian Health Insurance Fund)
  • ING
  • Deutsche Bank
  • Generic inbox phishing
  • Paypal

1) German Railways

This phishing campaign offers alleged compensation for a delayed train connection.
To receive the refund, the recipient should click on a link in the message text.
In the example message, this link leads to “hps://url-client.vercel.app/hCrP0o” and redirects to “hps://deutsche-bahn.elbeis.de/”.
It is noticeable that the colors and logos of Deutsche Bahn are used in the email to give the impression of seriousness.

 

Example message:

DKB Phishing

2) ÖGK – Austrian Health Insurance Fund

Several phishing campaigns have attempted to imitate messages from the Austrian Health Insurance Fund.
The fraudsters often used the original ÖGK colors, symbols and designs to make the message appear genuine.

However, the senders’ aim is not to obtain access data to the health insurance fund, but to obtain the recipients’ full credit card details.
It is noticeable that these campaigns repeatedly use the pretext of an alleged premium refund to obtain sensitive data.

 

Playback campaign 1

BaFin Phishing 2

Example campaign 2

BaFin Phishing 2

Example campaign 3

BaFin Phishing 2

3) ING

Several phishing emails in the name of ING have been spotted since the end of September.
The subject line read: “Update your app now”.
After a general salutation, the recipient is asked to update the app to the latest version in order to continue using the full functionality and security.

The recipient is asked to click on a button and follow the alleged instructions for updating.
The recipient should complete the update within three days, otherwise there is a threat of restrictions on the use of the app.
Such short deadlines are typical of phishing to encourage recipients to take hasty action.
The impersonal form of address and the suspicious sender address are clear indications of a phishing attempt.
As a general rule, never click on such links – a reputable bank would never proceed in this way.

Savings bank phishing

4) Deutsche Bank

At the end of the week, we received a number of phishing messages aimed at Deutsche Bank customers.
Under the subject line “Action required: renew security number within 48 hours”, the recipient is asked to confirm a so-called security number.
This is supposedly required every six months.

The process should be confirmed either by SMS code or via the app.
If this is not done within 24 hours, access to the account will be blocked and a reactivation fee may be charged.
The e-mail tries to get you to click on the attached button quickly by putting you under time pressure.
Don’t be put off by this and move the message to the spam folder.
The suspicious sender address and the links within the e-mail can be quickly unmasked as a phishing attempt.

Targobank phishing

5) Generic phishing without a link

This phishing message does not contain a clickable link, but simply refers to a PDF file attached to the email.
This PDF contains a QR code that the recipient should scan.
This QR code leads to the URL “h**ps://qrfile-onlinedocuments.com/index.html#<emailadresse@empfänger>”.
Again, the page was not accessible at the time of analysis, but the use of the recipient address in the link indicates that this is an attempt to obtain the recipient’s email credentials.

 

Example campaign

Targobank phishing

Included PDF document incl.
QR code

Targobank phishing

6) Paypal

At the beginning of October, PayPal customers in particular were the target of phishing attempts.
The subject line was: “Account temporarily blocked”.
After a general salutation, the email claims that “unusual activity” has been detected on the account, such as a login attempt from an unknown device.
Details such as an IP address and a foreign location are provided.
To protect the account, the recipient should click on a link within 24 hours to secure the account.
Otherwise, the account could be deactivated.
Criminals use this method to gain access to sensitive data.

However, a glance at the unprofessional design and the impersonal form of address quickly reveals that it is phishing.
Also pay attention to the suspicious sender address.
To be on the safe side, you should move such e-mails to the spam folder and never click on the link.

Targobank phishing

Recognize phishing: What should you look out for?

There are some typical features that help you to identify phishing emails:

General form of address: Phishing messages often begin with impersonal phrases such as “Dear customer” or “Hello” instead of your name.

Conspicuous errors: Spelling and grammatical errors are often a sign of a dubious source.

Urgency: Pressure is often built up by threatening to block accounts or other consequences if there is no immediate response.

Unusual links: Hover your mouse over links to see where they actually lead.
Fraudulent URLs often look genuine but redirect to unknown sites.

Suspicious sender address: Make sure that the sender address really matches the company that allegedly sent the e-mail.

If you receive a suspicious message, do not reply to it, do not click on any links and move the e-mail to the spam folder.

Securely positioned with eXpurgate

Although phishing messages can often be recognized by various clues, it is essential for companies to also rely on a reliable email security solution.
Even with training for employees, there is still a risk that not all suspicious emails will be recognized – especially in the hectic working day, where there is often no time to check every message carefully.

eXpurgate uses advanced algorithms and machine learning to identify potentially dangerous emails.
With a detection rate of over 99.99% and the analysis of more than one billion emails per day, eXpurgate offers an exceptionally high level of protection.

Find out more about how eXpurgate can effectively protect you from phishing attacks and other email threats in a no-obligation consultation.

 

More news

Social engineering – 6 tips on how companies can protect themselves

No matter how good the technical security precautions in companies are: The human factor is often the weakest link in the security chain. In social engineering, cyber criminals exploit this potential vulnerability by faking a personal relationship with the victim in order to carry out their criminal activities. How do you recognize social engineering and how can companies protect themselves and their employees?

read more

Digital document management system – Find out everything you need to know about DMS.

The efficient management of digital documents is a necessity in the modern working world. A digital document management system (or “DMS” for short) is therefore becoming a must-have for companies – and not just for corporations, but also for SMEs. In this article, you will find out what a digital document management system actually is, what functions it fulfills and what advantages it can offer your company.

read more

Managed IT services: Is it worth it for my company? Can I simply outsource my IT?

Managing and monitoring their IT poses challenges for many companies. There is a lack of resources to set up an in-house support team that is up to the task. Managed IT services offer one solution, with external specialists taking over individual IT sub-areas through to complete IT operations. Find out here what Managed IT Services actually are, what advantages they offer and whether the model is also worthwhile for you.

read more

 

Arrange a consultation now

"]

Your Digital Workplace - Solutions

Security

Email Security Cloud

Email Security On-Premise

Workflows

Digital Travel Expense Report

Digital Contract Management

Digital Purchase Requisition

Digital File Solution

Business Process Management

Managed Service

Managed IT Services

Managed Services für ECM

Clean Desk: Efficiency and order at the workplace

In the modern world of work, the concept of the...

ELSTER phishing: beware of fraudulent emails

Back in August 2024, the tax authorities warned...

10 facts about eXpurgate – Get to know us now!

Did you know that, according to the consumer...

1 billion emails a day – eXpurgate’s impressive detection rate

What makes our email security solution eXpurgate...

Phishing Mail Report December 2024

Welcome to the Phishing Mail Report for December...

E-invoicing for small businesses: How to master the changeover

From 2025, the receipt of electronic invoices...

Digital invoice processing: 6 advantages you should know about

The way in which companies create, send and...

Content & News Hub

News

Whitepaper

Success Stories

Know - what is...?

Press

Events