Phishing Mail Report July/August 2024
Welcome to the Phishing Mail Report for July/August 2024.
This month, we have once again compiled some exciting cases.
Phishing emails aim to steal confidential data such as access information for online accounts.
The senders usually pretend to be reputable companies – these are often (supposedly) large streaming services or banks where many recipients of the phishing attempts are customers.
In this report, we highlight some of the most common phishing emails in July/August and explain how you can recognize them.
As always, the data analyzed comes from the eleven Detection Lab of the dataglobal Group.
Frequent phishing cases in July/August 2024:
- BaFin (2 variants)
- Advanzia Bank / gebührenfrei.de
- AMEX – American Express
1) BaFin – German Federal Financial Supervisory Authority
A currently frequent phishing scam targeting companies imitates a message from BaFin.
It claims that the recipient must fill in a document with their bank details to protect themselves from online fraud.
At the time of analysis, this website was already deactivated, so we can no longer make any precise statements about its content.
However, it can be assumed that access data for online banking was to be requested on this page.
2) BaFin – Federal Financial Supervisory Authority – Variant 2
This phishing e-mail also imitates a notification from BaFin.
Both campaigns are of a similarly high quality and give the impression that they have actually been sent by BaFin.
Here too, the recipient’s bank details are supposedly being checked to protect against fraud.
Note: These phishing attempts with BaFin as the supposed sender have only recently been occurring on such a large scale.
3) Advanzia Bank / gebührenfrei.de
An initially inconspicuous-looking mailing that redirects to a professionally designed phishing website.
This website (h**ps://nia.sga.mybluehost.me/access/login.php), to which the mailing redirects, is particularly worth mentioning.
The page imitates the platform of the gebührenfrei.de payment service:
On the first page, users are asked to enter their access data for gebührenfrei.de.
After entering their details, users are redirected to another website (h**ps://nia.sga.mybluehost.me/access/Kreditkartennummer.php) where they are asked to enter their credit card details and security codes.
Once the data has been entered, the user is redirected to a third page (h**ps://nia.sga.mybluehost.me/access/snd/send_details.php), which, however, imitates an endless loading animation.
The previously entered data has presumably already been sent to the message sender at this point.
This means that not only the access data to gebührenfrei.de is captured from the message recipient, but also another credit card.
This significantly increases the profit for the sender of the campaign.
4) AMEX – American Express
This phishing e-mail purports to be from American Express.
The aim is to trick the recipient into disclosing the login details for their AMEX account.
How to recognize phishing
Phishing emails aim to steal confidential information such as credit card details, passwords or other personal data.
At first glance, these emails often look deceptively genuine as they mimic legitimate senders.
Nevertheless, there are some reliable signs that indicate phishing:
Unusual sender address
Check the sender’s e-mail address carefully.
It is often only slightly changed or looks similar to the address of a real company at first glance.
Spelling and grammatical errors
Phishing messages often contain typos, grammatical errors or unclear formulations that are not normally found in professional messages.
Urgent requests
Emails urging you to take immediate action, update your details or click on a link are suspicious.
Suspicious links
Check links in emails by hovering over them without clicking on them.
The URL should lead to the website it claims to represent and should not contain any strange or unexpected domains.
Unusual requests for personal information
Reputable companies never ask for sensitive information such as passwords, credit card numbers or social security numbers by e-mail.
Unknown attachments
Be careful with e-mails with attachments that you are not expecting.
These could contain malicious software.
Unusual language
Watch out for unusual forms of address or unexpected greetings.
Reputable companies normally use formal forms of address and know your contact details.
No personal approach
Emails that use a generic greeting (“Dear Customer”) instead of addressing you by name can be suspicious.
Especially if they come from a company of which you are a customer.
Unusual requests
Emails that ask you to enter confidential information on a website or that urge you to take unusual actions are often phishing attempts.
Review of the website
If you have any doubts, go directly to the company’s website by manually entering the URL into your browser and log in there instead of following the links in the email.
Play it safe with eXpurgate
Phishing e-mails can be recognized by various characteristics and training your employees accordingly is certainly a good idea.
However, a professional email security solution is also essential for companies in order to be fully protected.
The risks of phishing attacks are too great and it is difficult to fully sensitize all employees to this issue.
In addition, there is often not enough time in the hectic working day to thoroughly check every incoming email.
eXpurgate uses modern algorithms and machine learning technologies to detect suspicious emails with phishing signs.
With a spam detection rate of over 99.99% and the analysis of over 1 billion emails per day, eXpurgate offers an exceptionally high level of security.
Let us inform you about the advantages of eXpurgate in a non-binding consultation and find out how you can effectively protect yourself against phishing emails and other threats in email communication.
More news
Social engineering – 6 tips on how companies can protect themselves
No matter how good the technical security precautions in companies are: The human factor is often the weakest link in the security chain. In social engineering, cyber criminals exploit this potential vulnerability by faking a personal relationship with the victim in order to carry out their criminal activities. How do you recognize social engineering and how can companies protect themselves and their employees?
Critical Outlook vulnerability discovered (February 2024)
In February 2024, security researchers discovered a vulnerability in Microsoft Outlook and classified it as critical. You can read everything you need to know as a user here.
Bitcoin Halving 2024 : Danger from phishing mails on the rise
More and more cases of crypto phishing! The reason is the high Bitcoin price and the upcoming Bitcoin Halving 2024.
Digital document management system – Find out everything you need to know about DMS.
The efficient management of digital documents is a necessity in the modern working world. A digital document management system (or “DMS” for short) is therefore becoming a must-have for companies – and not just for corporations, but also for SMEs. In this article, you will find out what a digital document management system actually is, what functions it fulfills and what advantages it can offer your company.
Managed IT services: Is it worth it for my company? Can I simply outsource my IT?
Managing and monitoring their IT poses challenges for many companies. There is a lack of resources to set up an in-house support team that is up to the task. Managed IT services offer one solution, with external specialists taking over individual IT sub-areas through to complete IT operations. Find out here what Managed IT Services actually are, what advantages they offer and whether the model is also worthwhile for you.