
Phishing Mail Report for May 2024

Welcome to the latest Phishing Mail Report. In May, the eleven Detection Lab again registered a large volume of fraudulent e-mails, including numerous phishing attacks. The aim of these phishing emails is to steal sensitive information, in particular login credentials for online accounts. The senders disguise themselves with the names of well-known companies, e.g. major streaming services or banks. In this report, we take a look at the most common phishing emails in May and explain how you can recognize them.

Here are the alleged senders of the biggest phishing attacks:

  • comdirect Bank
  • Commerzbank
  • Telekom

1) Generic inbox phishing

The largest phishing campaign in terms of numbers is aimed at obtaining login data for e-mail inboxes. These messages appear to come from the provider of the recipient’s e-mail service. The user is asked to click on a link contained in the message text in order to release supposedly blocked messages.

The user is asked to enter their access data on the fake website. After entering the data, the user is redirected to the real domain of their email provider to give the impression that the data has been transmitted securely – but in fact it ends up directly in the hands of the fraudsters.

Phishing mail

2) comdirect Bank

One particularly noteworthy phishing mail attempts to obtain the access data of comdirect Bank customers.

Phishing Report: Example Phishing comdirect

The link contained in the email leads to a website that appears authentic at first glance (e.g. “kunden-comdirekt.de”). Each e-mail contains links that can only be used once and are inactive when called up again. In addition, mechanisms such as link blocking and messages such as “Unauthorized Access” prevent analysis of the fake page with a browser debugger or by downloading it.

Phishing Report: Example Phishing comdirect

3) Commerzbank

This phishing mail is almost identical to the comdirect Bank mailing, but is aimed at Commerzbank customers. It uses the same message design and the same mechanisms for blocking links that have already been used. The similarities are immediately recognizable.

Phishing Report: Example Phishing Commerzbank

4) Telekom

What is striking about this phishing mail is its inconspicuousness. No deadlines are set, no problems with the customer account are mentioned and no high costs are threatened.

Phishing Report: Example Phishing Telekom

The phishing mail imitates an order confirmation in which the targets behind all visible links (e.g. “www.telekom.de/termin-verschieben”) have been replaced by fraudulent Internet addresses (e.g. “h**p://mermaid-kat.net/index.html”).

 

Phishing report: Example of phishing Telekom customers

You can recognize a phishing mail by these characteristics

Phishing emails are often not immediately recognizable, but there are certain characteristics that can help you identify fraudulent messages. Here are some common signs:

 

Unknown sender

Phishing emails often come from unknown and/or suspicious senders.

 

Fake domains

The sender address looks similar to that of a legitimate organization, but differs slightly (e.g. “kunden-comdirekt.de” instead of “comdirect.de”).
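A lookalike domain of this kind can be flagged by comparing the parts of a sender or link domain against a watch-list of brand names. The following is an added example, not the vendor's method; the `BRANDS` watch-list, the edit-distance threshold of 1 and the test domains other than “kunden-comdirekt.de” are assumptions.

```python
# Assumed watch-list: brand keyword -> legitimate domain
BRANDS = {"comdirect": "comdirect.de",
          "commerzbank": "commerzbank.de",
          "telekom": "telekom.de"}

def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def lookalike(sender_or_domain, max_distance=1):
    """Return the brand a domain imitates, or None if it is genuine or unrelated."""
    domain = sender_or_domain.rsplit("@", 1)[-1].lower().rstrip(".")
    for legit in BRANDS.values():
        if domain == legit or domain.endswith("." + legit):
            return None  # the brand's own domain or one of its subdomains
    # Split every label except the TLD on hyphens: "kunden-comdirekt" -> kunden, comdirekt
    tokens = [t for label in domain.split(".")[:-1] for t in label.split("-") if t]
    for brand in BRANDS:
        for tok in tokens:
            # Exact brand name on a foreign domain, or a near miss such as one swapped letter
            if tok == brand or edit_distance(tok, brand) <= max_distance:
                return brand
    return None
```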

 

Urgency and threats

The e-mail often contains an urgent request to act immediately to avoid alleged consequences, such as the blocking of your account. You are threatened that your account will be blocked or you will have to pay high fees if you do not respond immediately.

 

Grammatical and spelling errors

Phishing emails often contain grammatical and spelling mistakes or generally appear poorly worded.

 

Suspicious links and attachments

Before clicking on a link, move the mouse over it (without clicking) to display the actual URL. These links often lead to unknown or suspicious websites. Phishing e-mails also often contain attachments that you are supposed to open. These attachments may contain malware.

 

Impersonal form of address

Generic greetings: Phishing emails often begin with impersonal salutations such as “Dear customer” or “Dear user” instead of using your name.

 

Requests for sensitive information

Unusual requests: Legitimate companies do not normally ask for confidential information such as passwords, credit card numbers or social security numbers via email.

 

Inconsistencies in content

Inconsistencies: Check that the content of the email matches what you would expect from the organization. If something doesn’t fit, it could be phishing.

 

Missing or suspicious contact information

Missing details: Phishing emails often lack the usual contact details or contain suspicious contact details.

 

Vigilance against phishing

Phishing attacks pose a serious threat to online security, especially for companies and their customers. It is important to remain vigilant and check suspicious emails carefully to avoid falling victim to these scams. Raising awareness of phishing techniques and applying proven security measures can help you to protect your data.

 

Play it safe with eXpurgate

While certain characteristics of phishing emails are relatively easy to recognize, companies in particular need a professional email security solution for comprehensive protection. The risk of phishing is too great and not all employees can be fully sensitized. In addition, there is often not enough time to check every incoming e-mail thoroughly.

eXpurgate uses advanced algorithms and machine learning techniques to identify suspicious emails. It analyzes all relevant factors (e.g. content, sender, links, attachments, etc.) to identify potential threats. With eXpurgate, companies no longer have to worry about spam, phishing and malware, as these threats are averted immediately.

Find out now in a non-binding consultation about the advantages of eXpurgate for protection against phishing emails and other threats in email communication.
