Germany's Bundeskriminalamt (BKA), the country's federal criminal police, yesterday carried out raids on the homes of three individuals suspected of orchestrating large-scale phishing campaigns that defrauded internet users of €4,000,000.

One of the three individuals, a 24-year-old German citizen, has been arrested and charged, while a second one, a 40-year-old, was also charged with 124 acts of computer fraud. The investigation into the third suspect is still ongoing.

Based on the evidence gathered by the German Computer Crime Office, the phishing operations attributed to the charged men were committed between October 3, 2020, and May 29, 2021.

€4 million operation

The three men obtained money from their victims by sending them phishing emails that were clones of messages from real German banks.

The BKA comments that the forgeries were of very high quality and almost impossible to distinguish from genuine bank emails.

The emails informed the recipients of imminent changes in the bank's security system, inevitably impacting their accounts.

To ensure they could continue using the bank's services, the victims were requested to log in to a phishing website, thus handing over their credentials to the crooks.

Additionally, the victims were asked to enter their TAN (transaction authentication number), which is a one-time code for online transactions, enabling the hackers to access their e-banking accounts and withdraw funds.

As mentioned in the BKA's announcement, the threat actors even launched DDoS (distributed denial-of-service) attacks against the banks, hoping this would help cover up their fraudulent transactions.

"The websites, servers, and networks of the companies were overloaded by masses of automated queries, causing the online services to be unavailable or their availability severely restricted," explains BKA's announcement (machine translated).

"In order to carry out their crimes, the accused are said to have resorted to offers from other cybercriminals who worked on the dark net, selling various forms of cyber attacks as crime-as-a-service."

If you receive an email claiming to be from your bank and asking you to take action to resolve a problem, do not click on any of the embedded buttons or URLs.

Instead, open a new tab, use a search engine to visit the bank's official site, and log in to the customer portal to review any alerts or notices.

Finally, never enter account credentials before you have confirmed that the domain you landed on is the real one.
