Overview

• Sparkasse reports a fresh large-scale wave of messages labeled “Service Update” that route users to near-identical fake banking portals.
• Phishing lures cite expiring pushTAN or S‑ID‑Check access, with one variant falsely claiming transfers would stop without a “pushTAN update” after October 3.
• Credentials harvested on the cloned sites are exploited in follow-up phone scams, with caller ID manipulated to display local branch numbers.
• Sparkasse and response teams advise never using links in unsolicited messages, accessing accounts only via official apps or websites, and immediately blocking online banking if details were entered.
• Consumer groups highlight red flags such as generic greetings, spelling errors, urgency tactics, and unexpected links, while a BioCatch study estimates €267 billion in 2024 fraud losses and regulators warn of systemic cyber risk.