With the help of fraudulent emails, criminals try to get data from users. They often use so-called phishing emails. We explain what these emails are and how you can recognize them.
At least seven members of the Bundestag have apparently been victims of a hacker attack. According to several media reports, the Russian hacker group “Ghostwriter” is behind this.
The attackers are said to have used so-called phishing emails. This is a popular way for criminals to gain access to user data. We explain what exactly phishing is, what is behind the advanced spear phishing method and how you can recognize such fraudulent emails.
What is phishing?
With phishing, criminals try to get personal data of their victims, such as name, e-mail address, passwords or birthday. They can either sell this data on the darknet or use it themselves to log into online accounts, such as the victim's bank account, and loot it. Identity theft can also be committed with personal data.
Criminals like to use fake emails, websites or chat messages for phishing attempts. It often works like this: Users receive an email that looks like it came from a large company like Amazon or a bank like Sparkasse. It uses a pretext to ask users to click a link, luring them to a website that resembles that of the company or the bank. There, users are asked to enter their personal data. But whoever does that hands the data to the criminals.
What is spear phishing?
The spear phishing attack is particularly dangerous. While normal phishing emails are typically sent to thousands of users, spear phishing attacks are aimed at specific people or companies. Attackers collect information about the target online beforehand, for example in social networks. With the help of this additional information, criminals can then make the emails appear as credible as possible. This increases the likelihood that the victim will fall for such an email and click on a malicious link or download a malicious file.
Ultimately, the attackers behind spear phishing attacks usually want to steal specific information, such as trade secrets or even military information. The attack against the Bundestag politicians is also said to have been a spear phishing attack, as reported by “Tagesschau.de”.
How can you identify phishing emails?
There are many ways to identify phishing emails. For example, normal scam emails often have no personal salutation. They are also usually peppered with spelling or grammatical errors. Also pay attention to the sender: criminals can use so-called mail spoofing to disguise the sender address. For example, PayPal or Amazon can be displayed there. However, if you hold the mouse pointer over the sender address, the so-called mouseover shows the true address.
Alternatively, you can display the mail header in full. How this is done varies with each email program. Usually you will find the real address of the sender in the source code of the header under the entry “Return-Path”. In other cases you can also press “Reply” on the mail. You should now see the true email address in the sender address. However, you should not reply to the message.
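The header check described above can also be automated. The following Python example is an addition and not part of the original article; the sample messages and every address in them are constructed, and treating a subdomain as belonging to the same sender is a simplifying assumption.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages; every name and address here is invented.
SPOOFED_FROM = (
    "Return-Path: <x91@bulk.example.net>\n"
    'From: "Amazon" <order@amazon.example>\n'
    "Subject: Your order\n\nPlease confirm your data.\n"
)
FAKE_DISPLAY = (
    "Return-Path: <bounce@mailer.example.net>\n"
    'From: "service@paypal.example" <notice@mailer.example.net>\n'
    "Subject: Account notice\n\nPlease confirm your data.\n"
)
CONSISTENT = (
    "Return-Path: <bounce@mail.shop.example>\n"
    'From: "Shop" <news@shop.example>\n'
    "Subject: Newsletter\n\nHello.\n"
)

def domain_of(address):
    """Lower-cased part after the last '@' ('' if there is none)."""
    return address.rpartition("@")[2].lower() if "@" in address else ""

def related(a, b):
    """Assumption: same domain, or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def check_sender(raw_message):
    """Return a list of warning codes for one raw message."""
    msg = message_from_string(raw_message)
    display, from_addr = parseaddr(msg.get("From", ""))
    _, return_path = parseaddr(msg.get("Return-Path", ""))
    warnings = []
    # The displayed name looks like an address, but is not the real one.
    if "@" in display and display.strip().lower() != from_addr.lower():
        warnings.append("display-name-shows-other-address")
    # Visible From domain versus the address recorded in Return-Path.
    if not return_path:
        warnings.append("no-return-path")
    elif not related(domain_of(from_addr), domain_of(return_path)):
        warnings.append("return-path-domain-differs")
    return warnings

if __name__ == "__main__":
    for name in ("SPOOFED_FROM", "FAKE_DISPLAY", "CONSISTENT"):
        print(name, check_sender(globals()[name]))
```

A differing Return-Path is a warning sign, not proof: legitimate newsletters sent through an external mail provider often carry that provider's bounce address.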
Spear phishing attacks can be harder to spot because they are tailored to the victim. The rule here is that users have to show a healthy level of distrust. For example: You receive a credible-looking message that claims to come from an administrator on your network. However, the sender asks you to click on a link and enter personal data there. If you are suspicious here, it is better to look up the telephone number of your IT team on the intranet and ask whether they are actually sending such emails. Under no circumstances should you use a phone number from the suspicious email, because it could lead to the fraudster’s phone.