Looking at a screenshot of this very well designed phishing website, one cannot find any obvious hint for scam. Even all active contents like the stock market charts and advertisements are implemented:
All links provided lead to the original bank website and a customer would not suspect anything. The site shown above (menu: individuals > accounts & cards > credit card) is the only one that has nothing to do with the original bank’s web presence.
Obviously, a click on “Continue” (German: Weiter) will send all user data entered in this form to the fraudsters. The validity of the given credit card number is checked, but only in terms of string length – if one enters a credit card number shorter or longer than 16 digits, an error occurs. Providing a 16 digit number, the system accepts it and issues a screen saying “You’ve succeeded!“
Even though we do not yet know the source of the phishing URL, we suspect that users reach this site through a spam campaign in which the fraudsters claim that credit card owners have to activate their credit card or to re-activate the card after maintenance issues.
The German Sparkasse has been informed about this case of phishing.
Leave a reply