German police have identified a gang that stole 4 million euros via phishing attacks - Security Affairs

German police have arrested an individual suspected of stealing €4 million from users via large-scale phishing campaigns.

The German Bundeskriminalamt (BKA) has arrested an individual (24 years old) suspected of having stolen €4,000,000 from Internet users via phishing attacks as well as two suspected accomplices.

The phishing campaigns were carried out between October 3, 2020 and May 29, 2021. The gang sent the victims messages posing as German banks.

One of his alleged accomplices (40) has been charged with 124 acts of computer fraud, while police are investigating the third.

“These emails were visually and linguistically believable, based on real bank emails. The victims were informed in these letters that their house bank would change their security system – and their own account would be affected.” reads the statement released by BKA and shared by BleepingComputer. “Recipients of the emails were thus tricked into clicking on a link, which led to a deceptive-looking banking page. There, phishing victims were asked to enter their login details and a current TAN, which allowed the scammers to see all the respective victim’s account data including credit amount and availability. The perpetrators then contacted the victims and tricked them into revealing other TAN numbers as alleged bank employees. Together with the TAN, they were then able to withdraw funds from the accounts of the victims.”

The phishing emails informed recipients of changes to the bank’s security system and asked them to click on an embedded link that redirected them to a landing page asking them to enter their credentials and TAN (transaction authentication number).

Once the credentials and TAN code were obtained, the crooks were able to access the victims’ online bank accounts and withdraw funds.

According to the German BKA, the suspects also carried out DDoS (distributed denial of service) attacks against banks to conceal their fraudulent activities. Investigators believe the gang relied on DDoS services for hire provided by other cybercriminals.

“They are also accused of carrying out so-called DDoS attacks against financial institutions and payment card providers in order to obtain additional banking data and to conceal their actions. Company websites, servers and networks have been overloaded with masses of automated queries, causing online services to be unavailable or severely restricted in availability.” continues the announcement. “In order to carry out their crimes, the defendants allegedly resorted to offerings from other cybercriminals who sell various forms of cyberattacks as ‘Crime-as-a-Service’ on the dark web.”

The police recommend that Internet users never click on links or open attachments in e-mails that appear to come from their bank and urge them to take certain actions. In case of doubt, bank customers are advised to contact their bank adviser personally or to inquire directly on the bank’s website.

Pierluigi Paganini
