Phishing: Bluesky, AOKs and consumer advocates warn of fraudsters

Whether Booking, Bluesky, PayPal or other platforms: be cautious with emails asking you to click on a link.

Fraudulent email or SMS with a fishing hook on a smartphone.

(Image: Sadi-Santos/Shutterstock.com)


Bluesky's security department reports an increase in phishing and social engineering attempts targeting the platform's users. While Bluesky is strengthening its own protective measures, it is urging its users to be vigilant. Bluesky also provides a short security checklist.

The platform recommends strong passwords and, if necessary, a password manager. Two-factor authentication (2FA) is also advised, not only for Bluesky itself but also for the associated email account. Further recommendations include checking passwords, ignoring scam attempts, and reporting suspicious accounts. On Bluesky, official and verified accounts can be recognized by a blue checkmark.

Besides financial service providers and insurance companies, Booking.com is also a persistent theme in phishing messages. Readers regularly contact heise online to report incidents where fraudsters have information about genuine bookings.


In mid-October, Booking told the editorial team only the usual, namely that there had been no data protection violation on the platform: “There is no data leak from Booking.com systems, and Booking.com has not been hacked,” the company stated. Meanwhile, more customers who were targeted by phishing attacks have come forward. For months, the cause could not be clarified.

Booking.com points to potential causes such as malware on the accommodation providers' computers or “compromised third-party tools and platforms that are not our Booking.com platform and that an accommodation provider uses to process and/or store reservation data,” according to a spokesperson. The company promises to continue investing in fraud prevention. Actual incidents are rare given the “global reach and the number of transactions we process through our platform.” Incidents should be reported to customer service, which is said to be available around the clock. Booking.com also refers to security tips.

Since the beginning of 2025, there have also been phishing attempts targeting AOK customers. However, people are contacted indiscriminately, regardless of whether they are AOK customers or not. In mid-October, AOK again warned about further emails in which customers are promised a supposed credit—usually under 500 euros for the past five years. The fraudsters could exploit the fact that some AOKs have a health budget, where insured people can submit a subsidy of up to 500 euros for additional health and prevention services.

Phishing emails in the name of Deutsche Bank, on the other hand, ask customers to perform “strong customer authentication” for account security. To achieve this, potential victims are urged to click on a fraudulent link. heise online has received phishing emails about this. According to the consumer advice center's Phishing Radar, another scam targets PayPal customers, who are asked to update their phone number. In addition, fraudsters are targeting customers of the streaming service providers Disney+ and Netflix: the Disney+ messages allege a payment problem, and the Netflix messages claim the subscription has expired. Anyone who wants to check if their data appears in a leak can enter their email address at haveibeenpwned.de, for example. Those who are free of data leaks will be greeted with a confetti shower.

For years, users on Reddit, for example, have been reporting debits from “Megatipp Emergency Call Services.” Recently, the consumer advice center also warned that fraudsters are debiting large sums, allegedly for storing emergency data and contacts, which numerous services and even the electronic health card have already enabled for years. The consumer advice center recommends having the 89.90 euros refunded and to “dispute, revoke, and contest the contract.”

The fraudsters give the impression that the precautionary card is recommended by an official body, namely the "Deutsche Vorsorge Beratungsstelle" (German Precautionary Advice Center). However, this does not exist, although the Deutsche Vorsorgeberatung (German Precautionary Advice Center), which has been warning about the fraudsters since 2023, does exist.

It is still unclear where the criminals obtained the financial data. heise online entered data into an online form that was initially available on the website, which is filled with AI content, but was not contacted by the fraudsters. According to information from the consumer advice center, the calls could “possibly be related to unauthorized telephone advertising or the unlawful disclosure of personal data.” Affected individuals reported having been called multiple times by unknown numbers beforehand. They also state that they “never consciously participated in a prize draw,” it continues.

Consumer advocates recommend informing the data protection authority responsible for the advisory center in Baden-Württemberg. However, it is likely to be difficult to clarify the case, as the fraudsters are probably based abroad. The imprint lists an address in Stuttgart for the fraudsters.

The insidious thing is that the fraudsters pretend to be recommended by the “Deutsche Vorsorge Beratung” (German Precautionary Advice Center). The imprint of the fraudulent website of the “Deutsche Vorsorge Beratung” also lists the same address where the Westphalia-Lippe Association of General Practitioners is located. The Deutsche Vorsorgeberatung, which actually exists, has been warning about unauthorized advertising calls in its name since 2023.

The Deutsche Vorsorgeberatung (German Precautionary Advice Center) warns against fraudulent advertising calls in its name.

(Image: Deutsche Vorsorgeberatung)

(mack)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.