heise PlusAbo
Anzeige

Sparkasse: Fraudsters jump on S-pushTAN problems

Nimble fraudsters have set up scam sites to lure victims who had problems with online banking on Sunday.

listen Print view
Caution sign next to savings bank logo and scam text messages

(Image: heise online / dmk / Imke Stock)

2 min. read
Security
By

There were problems with the Sparkasse's online banking on Sunday at the weekend: Transactions could not be carried out because the S-pushTAN app simply rejected attempts to approve them with error messages. Fraudsters also saw this as an opportunity and immediately set up a themed phishing campaign.

During the night, text messages landed on the smartphones of non-Sparkasse customers with the message: "Sparkasse: Your pushTAN app is about to expire. Update now at: <URL>. Thank you very much. Your Sparkasse". The URL given contains a browser switch and leads nowhere in a desktop web browser. On smartphones, however, potential victims land on an authentic-looking website. Victims are asked to enter their data there, but there is currently no download of an updated pushTAN app.

On the smartphone, the phishing page displays a genuine-looking replica of a savings bank page. On the desktop, however, the web browser ends up with nothing.

(Image: Screenshot / dmk)

Fraud filters such as Safe Browsing or the phishing and malware protection in Firefox are not yet effective. Anyone who enters their access data on this website is passing it on to fraudsters who can use it to cause damage.

Recipients should therefore not click on any link in this message or type in the URL and surf to it, but should simply delete the message. Anyone who has entered data on the fraudulent website should change their access password if this is still possible, and contact the relevant savings bank as soon as possible. This is so that any transactions that have been initiated can still be canceled. Any S-pushTAN apps registered on other smartphones can be deactivated. It is also advisable to report the fraud to the local police.

Videos by heise

Whether the fraudsters were actually rapid to respond to the problems that occurred with the S-pushTAN app with their scam or just happened to catch a time when this fraud message scam fits cannot be clarified at present. However, the messages promise to be more successful than usual, as transactions in Sparkasse online banking could not actually be authorized with the S-pushTAN app on Sunday of the weekend. Several failed attempts even resulted in accounts being blocked. If necessary, those affected should contact their savings bank to have their online banking unblocked again.

(dmk)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten