In April 2025, numerous fraudulent emails targeting your personal data are once again circulating on the internet. Cyber criminals disguise themselves as well-known organizations in order to gain the trust of recipients.
In this article, we take a look at the most conspicuous phishing campaigns of the month and give you valuable tips on how to detect and protect yourself against such attacks. As always, this report is based on the latest findings from the eleven Detection Lab of the dataglobal Group.
Particularly widespread phishing campaigns in April 2025:
- ADAC
- Meta
- AOK
1) Fake ADAC e-mails
Here, alleged unusual activity on the ADAC account is used as a pretext to persuade recipients to click on a link. The deceptively genuine design of the emails with ADAC colors and logos makes this scam look particularly authentic.
Example campaign 1
Example campaign 2
2) Phishing attack on Meta Ads customers
Corporate customers of Meta/Facebook Ads have been particularly affected by phishing attacks this month. The cybercriminals claim that there has been a breach of copyright in order to trick users into entering their login details on a fake website. The aim is to gain undetected access to the affected accounts.
When you click on the link, you are redirected to the following website after a short “Facebook/Meta” intro animation:
It is about an alleged complaint that is said to have led to the Meta Ads account being blocked. The user is then asked to fill in the form:
After entering this data, you will also be asked for the account password:
3) AOK phishing remains active
This scam, which has already appeared in previous weeks, remains active. The attackers are copying the appearance of the Allgemeine Ortskrankenkasse (AOK) health insurance fund in order to persuade users to disclose sensitive information. The colors, logos and design of the real AOK communication are deliberately imitated.
4) Further attempts at fraud
In addition to the campaigns already mentioned, masses of bogus e-mails continue to appear posing as messages from the following companies:
- 1and1
- Amazon
- DKB Bank
- ING
- Netflix
- Paypal
How to recognize phishing emails
Phishing e-mails usually have typical characteristics that help to identify them as scams. Look out for the following warning signals:
- Linguistic errors: As a rule, companies attach great importance to correct spelling. Incorrect texts are often an indication of attempted fraud.
- Conspicuous links: Before clicking on a link, move the mouse over it to display the actual target address. These are often manipulated URLs.
- General form of address: Official companies usually address their customers by name. Phrases such as “Dear customer” indicate phishing.
- Pressure and threats: Emails claiming that urgent action is required or threatening consequences if you do not respond immediately are often fraudulent.
Protective measures with eXpurgate
As phishing attempts are constantly evolving, it is essential for companies to have a reliable security solution. eXpurgate uses advanced technologies and machine learning to detect and block suspicious emails at an early stage. With a detection rate of over 99.99% and the daily analysis of more than one billion emails, the solution offers excellent protection against phishing attacks.
Would you like more security for your e-mail communication?
Arrange a non-binding consultation and find out how eXpurgate can optimally secure your e-mail communication.