
How Can I Recognise Phishing in E-mails and on Websites?

Counterfeit e-mails and websites are becoming more and more professional.

Recognising phishing e-mails

When you receive an e-mail that contains any of the following characteristics, you should be suspicious. This is because it is most likely a phishing e-mail:

  • The e-mail does not address you personally, instead beginning with "Dear customer...".
  • The text informs you that you must do something immediately, or else. "If you do not update your data right away, they will be deleted forever..."
  • The text uses threats: "If you do not do this, we must unfortunately lock your account..."
  • The text requires you to enter confidential data like the PIN for your online banking or a credit card number.
  • The e-mail contains links or forms.
  • The message text is poorly written.
  • The text contains Cyrillic letters or incorrect or missing special characters.

Be careful: In contrast to just a few years ago, many phishing e-mails no longer contain linguistic problems or misspellings. Remain cautious even if the text is well written. Watch the video to learn how phishing works and what you need to look out for:

A phishing e-mail that uses HTML format often hides a different e-mail address in place of the sender shown. There are different ways to find out if this is the case: if you manage your e-mails in a browser, you can take a look at the source text of the HTML mail. Many e-mail applications allow you to hold the cursor over the sender line without even clicking on it. This will allow you to see if a different address is embedded in the sender line.
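The check described above can also be run over the raw source of a message. The following is an added example, not part of the original page: it flags a sender line whose displayed address differs from the real one, and links whose visible text names a different host than their target. The sample message, its domains and the helper names are constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser

# Constructed sample (not a real e-mail); all names and domains are made up.
SAMPLE = '''From: "service@bank.example" <notice@mailer.example.net>
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Dear customer,</p>
<a href="https://www.135x-bank.example/login">https://www.bank.example/login</a>
</body></html>
'''
ADDR_RE = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")
HOST_RE = re.compile(r"https?://([^/\s:]+)", re.I)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_message(raw):
    """Return (kind, shown, actual) wherever the mail shows one thing and uses another."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for sender in (msg["From"].addresses if msg["From"] else ()):
        shown = ADDR_RE.search(sender.display_name)
        if shown and shown.group(1).lower() != sender.domain.lower():
            findings.append(("sender", sender.display_name, sender.addr_spec))
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            shown, real = HOST_RE.match(text), HOST_RE.match(href)
            if shown and real and shown.group(1).lower() != real.group(1).lower():
                findings.append(("link", text, href))
    return findings
```

A display name that contains no address at all (for example a bare company name) passes this check, so an empty result does not mean the sender is genuine.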

Recognising phishing websites

Perhaps you've already read somewhere or heard that when you see "https://" in the address bar of your web browser it means you have a secure connection to a trustworthy website. Actually, what it means is that the site host has obtained an SSL certificate for the website. More and more phishing con artists are doing just this to appear more trustworthy. "https://" no longer means a website is secure and trustworthy.

Make it a habit to check the links in e-mails and social networks before you click on them. Even someone who is not an expert can easily notice something suspicious. One red flag is when the Internet address does actually contain the name of the institution, but also uses unusual figures or combinations of symbols, for example 'www.135x-Bank.de'.

Another phishing red flag for fake websites is the request to enter a TAN when you've not made any sort of transaction. You should be particularly on guard if after you log on to your bank website it then asks you to enter data your bank already has such as your name, address or IBAN (routing numbers): you've most likely just opened a fake website.

How much of a threat is phishing really?

The economic damages caused by cyber crimes that start with phishing attacks are estimated to be in the tens of millions in Germany every year.

Consumers are faced with different risks depending on the intention of the phishing attack: victims who are unaware they are opening the fake website of a bank and who then enter their credit card number, including expiry date and security code, have just provided criminals with everything they need to go on an Internet shopping spree. Fake websites of online retailers are likewise used to spy on account data in order to make online purchases using the victim's money. Financial damages are the primary danger posed by phishing.

In addition, phishing mails with attachments hiding malware are becoming more and more of a problem. Every careless click can potentially infect the victim's system with malware. The malicious software could involve anything from a trojan to bots or ransomware.