How can big banks better recognize fraud?

Characteristics of a phishing email

Grammar and spelling mistakes

E-mails written in incorrect German are the easiest to see through. Most of the time, they were not written in German but were translated from another language by a translation service. Another indication of such e-mails is character errors, such as Cyrillic letters or missing umlauts.

Mails in a foreign language

Emails written in English or French can also be quickly identified as phishing. If you are not currently a customer of a bank domiciled abroad, you can be sure that you will only receive e-mails from your bank in German (if at all).

Missing name

Your bank and other business partners, such as online payment services, always address you by name in e-mails and never with "Dear customer" or "Dear user". Very sophisticated phishing perpetrators have often already found out your name and write to you personally, for example "Dear Ms. Meier" or "Dear Mr. Müller". With this, criminals try to give the e-mail a higher level of credibility.

Urgent need for action

If you are asked by e-mail to act urgently and within a certain (short) period, you should also be suspicious, in particular if this request is associated with a threat, for example that your credit card or your online access will otherwise be blocked.

Entering data

A request to enter personal data and possibly a PIN or TAN is a further indication. Banks and online payment services will not e-mail you to ask for this. Financial institutions never request a PIN or TAN by telephone or by e-mail; this is one of the essential safety rules.

Request to open a file

In an increasing number of phishing e-mails, recipients are asked to open a file that is either attached directly to the e-mail or, alternatively, is available for download via a link. You must never download or open such a file from an unexpected e-mail. As a rule, this file contains a malicious program such as a virus or a Trojan horse. Never let the threatened consequences, such as an account lock, the involvement of a debt collection company or other invented reasons, tempt you to open an attached file! You should always be suspicious of e-mails with a file attachment.

Links or inserted forms

As a rule, banks do not send e-mails, but letters. If you do receive e-mails from your bank, they will not contain any file attachments (such as forms that have to be filled in). Banks and other service providers only in exceptional cases send e-mails with links that the recipient should click. In those cases it is about new terms and conditions, for example, but never about logging into your customer account. It is always better to call up the website yourself by typing its address into the address field of the browser.

Never received any emails from the bank or not a customer

If your bank never sends you e-mails and may not even know your e-mail address, or if a service provider with whom you have no business relationship contacts you, delete the e-mail.

Mail header

Some phishing e-mails are very well done. The sender's e-mail address seems trustworthy, the link in the text does as well, and the German is fluent? Even so, this e-mail doesn't have to be real. Information about the sender of an e-mail can also be falsified. If you want to check this, to remove any doubts, you have to look at the so-called mail header. It contains the IP address of the sender. Only this is forgery-proof and provides information about the actual sender.
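Reading the mail header as described above, as an added example that is not part of the original article: this Python code takes the sender IP from the Received line written by the recipient's own mail server and returns it alongside the From address, which the sender chooses freely. The message, all host names and the server name mx.provider-example.test are constructed assumptions.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample message (not a real e-mail). Headers are read top-down:
# the newest Received line, added by the recipient's own provider, comes first.
SAMPLE = """\
Received: from mail.bank-example.test (unknown [203.0.113.45])
\tby mx.provider-example.test with ESMTP id 4F2A1; Mon, 03 Mar 2025 09:12:44 +0100
Received: from intern.bank-example.test (intern.bank-example.test [198.51.100.7])
\tby mail.bank-example.test with ESMTP; Mon, 03 Mar 2025 09:12:40 +0100
From: "Your Bank" <service@bank-example.test>
To: kunde@provider-example.test
Subject: Please confirm your account

Dear customer, ...
"""

# Matches the bracketed address the receiving server writes next to the
# host name the sending machine claimed for itself.
IP_IN_BRACKETS = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")


def sender_ip(raw_message, own_server):
    """Return the connecting IP recorded by own_server, or None.

    Only the Received line written by the recipient's own mail server is
    used; lines further down were supplied by other hosts.
    """
    msg = email.message_from_string(raw_message, policy=policy.default)
    for line in msg.get_all("Received", []):
        text = " ".join(str(line).split())  # undo header folding
        from_part, sep, by_part = text.partition(" by ")
        if not sep or not by_part.startswith(own_server + " "):
            continue
        match = IP_IN_BRACKETS.search(from_part)
        if not match:
            continue
        try:
            return str(ipaddress.ip_address(match.group(1)))
        except ValueError:
            continue  # bracket content was not a valid address
    return None


def from_address(raw_message):
    """Return the address shown in the From line, which the sender chooses."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    return msg["From"].addresses[0].addr_spec
```

The returned address can then be looked up (for example with a whois query) and compared with the organisation named in the From line.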


More on the subject

Federal Office for Information Security: Spam, Phishing & Co.

Research group SECUSO of the Karlsruhe Institute of Technology - NoPhish