Current Examples of Phishing Attacks

The creativity of phishing con artists knows no bounds: the BSI sees new variants of fantastic but contrived stories nearly every day. Con artists often mention recent events to make their lies seem more credible. Another method is to promise a bonus or reward in exchange for entering personal information. Bank customers remain the primary targets of mass phishing mailings.

Supposedly due to data protection: After the General Data Protection Regulation (GDPR) took effect in the spring of 2018, cyber criminals found the topic very interesting, too. Using the name of the online payment provider PayPal, masses of phishing mails are sent again and again, claiming that the provider is required by law to review all customer data regularly. If a customer does not respond to the request to enter the data, the mails claim, the account must be locked immediately in accordance with the GDPR.

Naturally, the mail does not include the specific part of the GDPR that they are supposedly referencing: it doesn't exist. What is more, neither PayPal nor any other payment service provider would ever ask you by e-mail to enter your data. Our recommendation: send any alleged PayPal e-mails directly to your spam or junk mail folder without responding.

Contest leads to phishing website: 'Brand name trainers for free - share this post' - anyone who clicks a post like this on Facebook will be taken to a fake but perfect imitation of a well-known sports equipment website. Made-up contests are one way cyber criminals steal personal data from victims. Social networks are not the only place where you should exercise caution, however: be just as careful with any web address that strings several names together, for example 'adidas.de.jahrestag-adi.com'.

The link is intended to make you believe it leads to the Adidas website because it begins with 'adidas.de'. However, that leading part is only what is known as a subdomain. The real link address is 'jahrestag-adi.com'. This is why you should always take our advice and take a closer look at the Internet address before you share or click on posts on Facebook or other networks.
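The check described above, as an added example that is not part of the original page: it extracts the domain a host name really belongs to and reports when a well-known domain appears only as a subdomain prefix. The suffix set and the brand list are constructed assumptions; a real check would use the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Simplified stand-in for the Public Suffix List (assumption: only these occur).
PUBLIC_SUFFIXES = {"com", "de", "org", "net", "co.uk"}

# Constructed list of domains a reader expects to see (assumption).
KNOWN_BRAND_DOMAINS = {"adidas.de", "paypal.com", "amazon.de"}


def hostname(url):
    """Return the lower-cased host of a URL or of a bare host string."""
    if "//" not in url:
        url = "//" + url  # lets urlsplit treat a bare host as the network location
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def registrable_domain(url):
    """Return the public suffix plus one label to its left."""
    labels = hostname(url).split(".")
    # Walk from the longest candidate suffix to the shortest so 'co.uk' is found.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])  # fallback for suffixes outside the sample set


def impersonated_brand(url):
    """Return the brand domain used as a misleading subdomain, else None."""
    host = hostname(url)
    real = registrable_domain(url)
    for brand in KNOWN_BRAND_DOMAINS:
        embedded = host.startswith(brand + ".") or ("." + brand + ".") in host
        if embedded and real != brand:
            return brand
    return None


if __name__ == "__main__":
    # The address from the text, followed by two constructed comparison cases.
    for link in ("https://adidas.de.jahrestag-adi.com/",
                 "https://www.adidas.de/",
                 "https://shop.example.co.uk/"):
        print(link, "->", registrable_domain(link), "| imitates:", impersonated_brand(link))
```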

Long-time favourite - the security vetting: Bank customers have long been the target of phishing con artists, for example customers of cooperative banks. The cooperative banking group has some 18.5 million members across Germany. Con artists therefore have a good chance that its customers will be among the recipients of the waves of mailings sent out. One such subject line might read 'Cooperative bank security form'.

The author of the text claims that due to a security incident every customer must enter their data to verify it. Accounts must otherwise be locked. This is a typical pretence, well known from many other phishing variants. In this particular case you can also recognise that it is a phishing scam from the impersonal form of address. The name of the particular bank is also often misspelled in the subject line.

'Your data is no longer up to date': Sparkasse, a German savings bank, has nearly 40 million customer accounts, making it a prime target for use as a falsified sender. Using this bank name, one recent campaign used a much more cunning tactic than the example above. Recipients were addressed by name.

Victims were asked to provide confidential information, which was supposedly out of date. Rather than the threat of a locked account, the message threatened that a registered letter would be sent for which victims would have to foot the bill. Do not be fooled by a personal address or the threat of costs. No German or other trustworthy credit institution would ever ask you by e-mail to enter sensitive data. The e-mail has clearly been sent by bold phishing con artists.

E-mail from online retailers: 'Your account has been restricted!' Current phishing e-mails are using this message and appear to have been sent by Amazon. These criminals attempt to convince you to enter confidential data in order to protect this very data against misuse. This data would allow criminals to make purchases at your expense. If you don't enter the data, the mail threatens that your account will be locked.

An alleged e-mail from Amazon. Source: https://www.verbraucherzentrale.de