
Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Trouble in Europe – SEPA-Phishing-Alert

European internet mailboxes are being flooded with fake emails. The reason is a change in the European money transfer system: national bank transaction rules will soon be replaced by unified rules for all European citizens. The new system is called SEPA (Single Euro Payments Area). In the future it will be more difficult to see who is transferring money to your bank account and, vice versa, who received money from you, because the details of the person or bank that made the transfer will be converted to a number. Implementation of the new system has been delayed many times and will affect a large number of account owners. All in all, it is a pretty big mess and an ideal situation for phishing attacks.

CYREN’s GlobalView™ Security Lab (GSL) has discovered several emails sent in the name of different European banking institutions asking for personal and secure data such as TAN numbers. The spammers copy parts of the bank’s original HTML page and add a form to collect the phished data.

Fake website with an original part and a phishing form


CYREN found samples from the Austrian Alpe Adria bank, the German Sparkasse and the Netherlands' ING Bank. In many cases the recipient is asked to check the IBAN (International Bank Account Number) and give some other private details, such as a phone number. The email claims that an employee of the bank will call back and finish the change. A big national German newspaper published the story of a 63-year-old businessman who gave his credentials to the fraudsters and lost 25,000 Euros.

Munich-based businessman lost 25.000 Euros in SEPA phishing


After some investigation, CYREN has confirmed that many of the fraudulent websites are already offline. The fake websites are easy to recognize: the address bar shows a domain name different from the bank name (see picture one, top left). The emails also show the usual suspicious signs, such as no personal form of address and wrong encoding in the text, so that special characters are missing.
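The three signs described above (a link domain that is not the bank's, no personal form of address, special characters lost to wrong encoding) can be checked mechanically when triaging reported mail. The Python sketch below is an added example, not CYREN's code; the domain `bank.example`, the greeting patterns and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Assumption: placeholder for the domains the impersonated bank really uses.
BANK_DOMAINS = {"bank.example"}

URL = re.compile(r"https?://[^\s\"'<>]+", re.I)
# Greetings that address nobody in particular (illustrative, not exhaustive).
GENERIC_GREETING = re.compile(
    r"^\s*(dear|sehr geehrte[rs]?)\s+(customer|client|user|kunde|kundin)\b",
    re.I | re.M)
# Lost special characters: U+FFFD, '?' inside a word, or UTF-8 read as Latin-1.
BROKEN_ENCODING = re.compile(r"\ufffd|[a-z]\?[a-z]|Ã[¤¶¼]", re.I)

def is_bank_host(host, bank_domains=BANK_DOMAINS):
    """Exact or dot-bounded suffix match, so 'bank.example.evil.example' fails."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in bank_domains)

def check_mail(raw, bank_domains=BANK_DOMAINS):
    """Return findings for a plain-text, single-part message."""
    body = message_from_string(raw).get_payload()
    findings = []
    for url in URL.findall(body):
        host = urlsplit(url).hostname or ""
        if not is_bank_host(host, bank_domains):
            findings.append(f"link host {host!r} is not a bank domain")
    if GENERIC_GREETING.search(body):
        findings.append("no personal form of address")
    # Remove URLs first so '?' in a query string is not counted.
    if BROKEN_ENCODING.search(URL.sub("", body)):
        findings.append("special characters lost to wrong encoding")
    return findings

# Constructed samples, not real messages.
PHISH = """\
From: "Bank Service" <service@bank.example>

Sehr geehrter Kunde,
bitte pr?fen Sie Ihre IBAN f?r die SEPA-Umstellung:
http://bank.example.sepa-update.example/check?id=1
"""
LEGIT = """\
From: service@bank.example

Sehr geehrter Herr Muster,
Ihr Kontoauszug liegt bereit: https://www.bank.example/login?next=inbox
"""
```

Calling `check_mail(PHISH)` returns all three findings, while `check_mail(LEGIT)` returns an empty list. The host comparison is a dot-bounded suffix match, because the bank's name appearing somewhere inside a longer hostname does not make the link the bank's.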

A final piece of advice: nobody (including bank employees) should ask for your private credentials such as PIN or TAN numbers or, in the case of credit cards, your secure code.
