Home Page Navigation Contents Contact Sitemap Search
HomeNewsA new wave of phishing

A new wave of phishing

Cur­rently, there is an increase in fraud­u­lent e-mails from finan­cial insti­tu­tions. These are trying to lure e-banking cus­tomers to banking web­sites which are just as fake.

Fraud­sters are cur­rently step­ping up their efforts once again to lure bank cus­tomers to imi­ta­tion e-banking web­sites with pur­ported e-mails by finan­cial insti­tu­tions such as the Credit Suisse. This cur­rent phishing wave is aiming to steal access data and credit card information.

In the process, fraud­sters try and put pres­sure on bank cus­tomers: They are misled into clicking a link leading to a faked e-banking web­site under some pre­text or other - for instance that cus­tomers will have to update their per­sonal information.

In con­trast to ear­lier waves of attacks, these e-mails and faked web­sites look decep­tively gen­uine both visu­ally and also as far as their con­tents are con­cerned, using near-per­fect German and orig­inal bank logos. In addi­tion, these web­sites have a valid secu­rity cer­tifi­cate (SSL cer­tifi­cate), there­fore dis­playing a secured con­nec­tion including https:// and a lock symbol in the browser address line to poten­tial victims.

How­ever, you can recog­nise such fakes by their address which does not agree with the one of the actual finan­cial insti­tu­tion, e.g. «https://entry.credit-suisse.services» or «https://entry.swisscard.services».

You can pro­tect your­self against phishing by observing the fol­lowing rules of conduct:

  • Please be careful when han­dling e-mails. Don’t ever open any annexes straight away or click on any links, even if the sender looks familiar. In case of doubt, ask the pur­ported sender for ver­i­fi­ca­tion via a dif­ferent channel (e.g. the offi­cial tele­phone number of a bank). Finan­cial insti­tu­tions will never ask you to log into their site or enter your access data by e-mail!
  • Don’t let any­body put pres­sure on you (“Your account will be blocked”, etc.).
  • Always make sure to enter the address for your finan­cial institution’s log-in page man­u­ally into your browser’s address line.
  • Check the SSL con­nec­tion (green lock, domain name, cer­tifi­cate).
  • In case of doubt or error, please con­tact your finan­cial insti­tu­tion immediately.
  • Create a basic level of pro­tec­tion using our “5 steps for your dig­ital secu­rity”: Create back-up copies reg­u­larly, use antivirus soft­ware and fire­wall, keep oper­ating system and pro­grams up to date, exer­cise care and remain alert.

Fur­ther infor­ma­tion on the sub­ject of phishing can be found here.

You might also be interested in these articles:

What else would you like to learn about security when e-banking?

Reg­ister for a course now
and learn more:

Basic course

Find out about cur­rent Internet threats and some easy pro­tec­tive mea­sures, and how to securely use e-banking.

fur­ther information

Online course mobile banking/payments

Find out about mobile banking, mobile pay­ments and how to securely use these apps.

fur­ther information

Online course for the under-30s

Learn how to use your smart­phone securely. Next to basics, we will show you what you should know about social media, clouds, mobile banking and mobile payments.

fur­ther information

Course for SMEs

Is your organ­i­sa­tion suf­fi­ciently secure? Learn which mea­sures you can take to sig­nif­i­cantly strengthen your organisation’s IT security.

fur­ther information

Cau­tion advised with pay­ment orders by e-mailDid I get hacked?