In recent weeks there has been a rising wave of cybercrime impersonating the German Federal Central Tax Office (Bundeszentralamt für Steuern, BZSt). Fraudsters send fake e-mails that at first glance look like official tax correspondence. A single click on the link, or opening the attachment, can however result in financial loss or theft of personal data.
New method: professional impersonation of the German tax office
Criminals use fake sender addresses such as 'info@bzst-zahlungsfrist.com' or 'news@bzst-infos.de', which are meant to imitate the office's official domains. In some cases the message even appears to come from 'bzst.bund.de', a genuine government domain. The visible From address is only a header that the sender controls and can forge; whether a message really came from that domain is known only from the receiving mail server's SPF, DKIM and DMARC checks. This makes the fraud considerably harder for the average user to recognise.
The aim of these messages is to instil trust and prompt the victim to open the PDF attachment or click a link leading to a prepared website. The attachments purportedly contain tax assessments, threats of fines or information about tax refunds.
In fact, these documents carry malware which may:
- infect the operating system,
- steal online banking login data,
- gain access to e-mail or corporate accounts,
- install spyware.
Fake websites: a data trap
According to Ruhr24, cybercriminals have gone a step further and created professional-looking websites that often rank high in search results. Some even include a Google CAPTCHA, which further boosts their credibility in the victim's eyes.
Entering your banking data on such a page (e.g. login, password or card number) means handing it straight to the criminals. The result can be hijacked or emptied bank accounts, or loans and purchases taken out in the victim's name.
The office's position: the tax office does not send e-mails with attachments
The Federal Central Tax Office has unambiguously distanced itself from the practice of sending e-mails with attachments or requests for bank details. All official letters are delivered only by post or through the secure ELSTER system.
Moreover, the office never threatens immediate financial penalties, never demands a response within a few hours and never directs users to external services.
Key features of fake messages
To avoid being defrauded, watch for the following warning signs:
- Wrong e-mail address: genuine official e-mails come exclusively from the domain bzst.de, with nothing inserted in front of it or appended to it.
- Language errors: official correspondence contains no typos or colloquialisms.
- Attachments: the office does not send PDF files to private individuals without prior contact.
- Threats and pressure: messages containing an ultimatum, e.g. "pay within 12 hours", are almost always a fraud attempt.
- Links to non-official sites, e.g. ending in .com, .info or .site, are a typical feature of this phishing campaign.
How to protect yourself against tax phishing
If you receive a suspicious message, take the following precautions:
- Do not open attachments or click links without checking the sender's address.
- Check the e-mail domain: an address ending in '.de' does not guarantee authenticity if it contains additional elements such as 'zahlungsfrist'. Compare the whole domain with the official one, not just the ending.
- Report suspected fraud to your local tax office or the police.
- Use ELSTER: it is the only secure way to contact the German tax office.
- Enable two-factor authentication for online banking and use up-to-date antivirus software.
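The warning signs and precautions above can be applied mechanically before anyone clicks. The script below is an added example, not code from the article or from the BZSt: it parses a raw e-mail, checks whether the sender domain is one of the official domains or merely a lookalike, treats a genuine-looking From address as unverified unless the receiving server recorded a DMARC pass in Authentication-Results, and then flags links to non-official hosts, attachments and "pay within N hours" deadlines. The allowlist of official domains is an assumption taken from the article (bzst.de, bzst.bund.de and elster.de), and the three sample messages are constructed, not captures from the campaign.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumed allowlist of genuine domains, taken from the article; verify against
# the office's own published information before relying on it.
OFFICIAL_DOMAINS = ("bzst.de", "bzst.bund.de", "elster.de")
# Brand words that lookalike domains and display names tend to borrow.
BRAND_TOKENS = ("bzst", "elster", "steuer")
URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.IGNORECASE)
DEADLINE_RE = re.compile(r"innerhalb von \d+ stunden|within \d+ hours", re.IGNORECASE)


def is_official(host: str) -> bool:
    """True only for an official domain or one of its subdomains.
    A '.de' ending or a partial match such as notbzst.de does not count."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def looks_like_brand(text: str) -> bool:
    return any(tok in text.lower() for tok in BRAND_TOKENS)


def _text_body(msg) -> str:
    """Concatenate the decoded text parts of a (possibly multipart) message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True)
            if raw is not None:
                chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def triage(raw_message: str) -> dict:
    """Return the sender address and a list of (code, detail) findings; empty means no red flag."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    findings = []

    if not is_official(sender_host):
        code = "lookalike-sender" if looks_like_brand(sender_host) else "non-official-sender"
        findings.append((code, sender_host))
        if looks_like_brand(display):
            findings.append(("display-name-mismatch", f"{display!r} vs {sender_host}"))
    else:
        # The From header is chosen by the sender and can be forged even for a
        # genuine domain; trust it only if the receiving server saw DMARC pass.
        auth = (msg.get("Authentication-Results") or "").lower()
        if "dmarc=pass" not in auth:
            findings.append(("unauthenticated-official-sender", sender_host))

    body = _text_body(msg)
    for url in URL_RE.findall(body):
        host = urlsplit(url).hostname or ""
        if not is_official(host):
            findings.append(("non-official-link", host))

    names = [p.get_filename() for p in msg.walk() if p.get_filename()]
    if names:
        findings.append(("attachment", ", ".join(names)))

    m = DEADLINE_RE.search(body)
    if m:
        findings.append(("deadline-pressure", m.group(0)))

    return {"sender": addr, "findings": findings}


# Constructed sample messages for demonstration (not real campaign captures).
PHISH = """\
From: "Bundeszentralamt fuer Steuern (BZSt)" <info@bzst-zahlungsfrist.com>
Subject: Steuerbescheid - Zahlungsfrist
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8

Bitte zahlen Sie innerhalb von 12 Stunden: https://bzst-infos.de/login

--b1
Content-Type: application/pdf; name="Steuerbescheid.pdf"
Content-Disposition: attachment; filename="Steuerbescheid.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
"""

SPOOFED = """\
From: BZSt <service@bzst.bund.de>
Content-Type: text/plain; charset=utf-8

Ihr Bescheid liegt bereit.
"""

LEGIT = """\
From: Bundeszentralamt fuer Steuern <info@bzst.de>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=bzst.de; dkim=pass header.d=bzst.de; dmarc=pass header.from=bzst.de
Content-Type: text/plain; charset=utf-8

Ihre Nachricht liegt im ELSTER-Postfach: https://www.elster.de/
"""

if __name__ == "__main__":
    for label, sample in ("phish", PHISH), ("spoofed", SPOOFED), ("legit", LEGIT):
        result = triage(sample)
        print(label, result["sender"], result["findings"] or "no red flags")
```

The suffix match in is_official deliberately accepts subdomains (mail.bzst.bund.de) but rejects bzst-infos.de, notbzst.de and bzst.de.evil.com, which is the distinction the "check the whole domain" advice above is about. The SPOOFED sample shows the second half of that advice: a genuine domain in the From header earns nothing on its own, because without an Authentication-Results header showing dmarc=pass the script still reports it as unverified.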
Outlook: tax phishing as a long-term threat
Attacks impersonating tax offices are particularly dangerous because they exploit public trust in state institutions. E-mails posing as official correspondence are far more effective than ordinary spam, and their professional preparation (e.g. the use of genuine-looking domains) means that even security-aware users can fall for them.
According to experts, such campaigns will intensify especially during the tax filing season, when citizens are expecting assessments or refunds.
In the coming months, tax authorities and cybersecurity services will have to step up education and awareness activities. Cooperation with hosting companies and domain registrars may also be key to blocking phishing sites and the mailboxes used by criminals more quickly.
More here:
Fake IRS e-mails. Fraudsters steal data and empty accounts