German police arrested one individual suspected of having stolen €4 million from users via large-scale phishing campaigns.
Germany’s Bundeskriminalamt (BKA) arrested an individual (24) suspected of having stolen €4,000,000 from internet users via phishing attacks along with a two accomplices who are suspected.
The phishing campaigns were conducted between October 3, 2020, and May 29, 2021, the gang sent to the victims messaging posing as coming from German banks.
One of his alleged accomplices (40) was charged with 124 acts of computer fraud, while the police are investigating the third one.
“These e-mails were visually and linguistically believable based on real bank e-mails. The victims were informed in these letters that their house bank would change their security system – and their own account would be affected.” reads the statement issued by BKA and shared by BleepingComputer. “The e-mail recipients were thus tricked into clicking on a link, which in turn led to a deceptively real-looking bank page. There, the phishing victims were asked to enter their login data and a current TAN, which in turn enabled the fraudsters to see all the data in the account of the respective victim – including the amount of credit and availability. The perpetrators then contacted the victims and tricked them into revealing further TAN numbers as alleged bank employees. With the TAN, they were then able to withdraw funds from the accounts of the victims.”
The phishing emails were informing the recipients of changes in the bank’s security system