Overview
- Since early July, Sparkassen clients have received fake security-check emails, Postbank users got “Wichtige Mitteilung” messages on July 11 warning of incomplete account details, and by July 15 DKB customers faced bogus app-login expiry notices.
- Fraudsters replicate official bank logos and layouts, use generic salutations and pressing time limits to trick recipients into clicking links that harvest online-banking and credit-card credentials.
- A reported Postbank phishing attack cost one pensioner couple nearly €70,000 after they followed a fraudulent update request.
- Sparkassen-Finanzgruppe and consumer protection agencies are urging customers to delete suspicious emails, verify any alerts via official apps or websites, and move phishing attempts to their spam folders.
- Law enforcement and federal cybersecurity bodies have been enlisted to trace the transnational network behind the campaign as scammers increasingly deploy AI to boost the realism of their attacks.