+49 7131 / 1226 – 500 info@dataglobal.com

Phishing Mail Report January 2025

Welcome to the first phishing mail report of the new year! Once again in January 2025, numerous fraudulent emails aimed at capturing recipients’ personal information have spread. The senders cleverly disguise themselves as reputable institutions.

 

In this article, we highlight the most common phishing campaigns that have been reported to us and give you practical tips on how you can recognize them and protect yourself against them. This report is based on current analyses from the eleven Detection Lab of the dataglobal Group.

 

You need to be particularly wary of these phishing campaigns in January 2025:

 

  • ELSTER
  • GEZ
  • ÖGK (Austrian Health Insurance Fund)
  • Disney+

1) ELSTER – Incorrect tax refund

An alleged tax refund is used as bait to entice recipients to click on a link in the email text. The linked page (h**ps://elster-steueramt.net/) is used to steal personal information. We have already reported on the current ELSTER phishing campaign in a separate news article.

Example campaign

Elster phishing January 2025

Link destination

Elster Phishing 2 January 2025

2) GEZ – Fictitious refund of fees

Here too, a supposed refund is used as a lure. The phishing email contains a link that leads to a fraudulent page. There, not only personal data but also credit card details including CVV number are requested.

 

Example campaign

GEZ phishing January 2025
GEZ Phishing 2 January 2025

3) ÖGK – Deceptively genuine presentation

Fraudsters are imitating the Austrian Health Insurance Fund (ÖGK) and using original colors, logos and design elements to make the fakes look credible. ÖGK customers have been the target of phishing campaigns for several weeks now.

Different variants of phishing e-mails that refer to the name of the ÖGK:

Variant 1

ÖGK Example 1 Phishing Report November

Variant 2

ÖGK Campaign 2 January 2025

Variant 3

ÖGK Campaign 3

4) Disney+ – Alleged subscription problems

It is claimed that there is a problem with the renewal of the Disney+ subscription. The recipient should respond within 48 hours and click on a link. The fake page first asks for the access data for the Disney+ account and later for credit card details. The fraudsters thus obtain doubly valuable information. The deceptively genuine design of the phishing page makes this campaign stand out.

Example campaign:

Disney+ Phishing January 2025

Included link leads to this website:

Disney+ Link 1<br />
Disney+ Link 2
Disney+ Link 3
Disney+ Link 4

5) Other known campaigns

Other phishing activities that have been reported in large numbers include imitations of:

 

  • Advanzia
  • Comdirect Bank
  • Hanseatic Bank
  • Savings bank
  • ING Bank
  • Targobank

How to recognize and avoid phishing

Phishing e-mails often have characteristic features that stand out on closer inspection. The most common warning signs include

Spelling and grammatical errors: Professional companies generally ensure that their communication is free of errors. Phishing emails, on the other hand, often contain conspicuous errors that indicate poor translation or a lack of care.

Suspicious links: It is worth taking a closer look at the URL behind a hyperlink. These links often lead to websites with strange or misspelled addresses that only resemble the original pages. Hover over links with the mouse (without clicking) to check the actual address.

Impersonal address: Reputable companies often use your name or other personalized information in their emails. Phrases such as “Dear customer” or “Dear member” are often an indication of phishing.

Urgent requests: Many phishing emails put pressure on recipients by setting deadlines or threatening consequences if you don’t act immediately. For example: “Respond within 24 hours to save your account.”

Protection through eXpurgate

Even though phishing emails can often be recognized by certain characteristics, it is essential for companies to use a reliable email security solution. Despite employee training, there is still a risk that not every suspicious message will be identified – especially in hectic work situations where there is often no time to check emails carefully.

The eXpurgate security solution uses advanced algorithms and machine learning to detect and block potential threats at an early stage. With an impressive detection rate of over 99.99% and the daily analysis of more than one billion emails, eXpurgate guarantees outstanding protection against phishing attacks.

 

Would you like to find out more?

Arrange a no-obligation consultation and let us show you how eXpurgate can make your e-mail communication even more secure.

More news

Social engineering – 6 tips on how companies can protect themselves

No matter how good the technical security precautions in companies are: The human factor is often the weakest link in the security chain. In social engineering, cyber criminals exploit this potential vulnerability by faking a personal relationship with the victim in order to carry out their criminal activities. How do you recognize social engineering and how can companies protect themselves and their employees?

read more

Digital document management system – Find out everything you need to know about DMS.

The efficient management of digital documents is a necessity in the modern working world. A digital document management system (or “DMS” for short) is therefore becoming a must-have for companies – and not just for corporations, but also for SMEs. In this article, you will find out what a digital document management system actually is, what functions it fulfills and what advantages it can offer your company.

read more

Managed IT services: Is it worth it for my company? Can I simply outsource my IT?

Managing and monitoring their IT poses challenges for many companies. There is a lack of resources to set up an in-house support team that is up to the task. Managed IT services offer one solution, with external specialists taking over individual IT sub-areas through to complete IT operations. Find out here what Managed IT Services actually are, what advantages they offer and whether the model is also worthwhile for you.

read more

 

Arrange a consultation now

"]

Your Digital Workplace - Solutions

Security

Email Security Cloud

Email Security On-Premise

Workflows

Digital Travel Expense Report

Digital Contract Management

Digital Purchase Requisition

Digital File Solution

Business Process Management

Managed Service

Managed IT Services

Managed Services für ECM

Content & News Hub

News

Whitepaper

Success Stories

Know - what is...?

Press

Events