Phishing warning: fraudulent Elster app and broadcasting fee refund
The NRW consumer advice center warns of phishing emails with a fraudulent Elster app and alleged refunds of the broadcasting fee.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
Online scammers are now trying to trick potential victims into installing malicious apps. They are also trying to obtain data from recipients who are hoping for a refund of broadcasting fees. The North Rhine-Westphalia consumer advice center warns against this.
(Image:Â Verbraucherzentrale NRW)
In a recent statement, the consumer protection organization explains that phishing emails landed in recipients' inboxes last weekend with the subject line "Your digital certificate - action required", asking them to install the "ElsterSecure+" app. The message text builds up pressure by referring to the "obligation to cooperate in the context of tax verification". The installation of the app is necessary, it serves "secure authentication and the protection of your sensitive data in the context of digital tax communication".
Fake Elster app
However, the real app used by the federal authorities for authentication is called "ElsterSecure", without a plus sign. Receipts can be entered using the real app "MeinELSTER+". The NRW consumer advice center assumes that the app is malicious and, for example, accesses the phone book to steal contact data or monitors the screen to capture log-in data. heise online does not have the app and we are unable to check it. Recipients of these messages should not click on the "Go to trial" button and should not install this app.
Videos by heise
Since last weekend, phishing e-mails have also been circulating again, purporting to offer the prospect of a refund of broadcasting fees. The text of the email claims that feedback from potential victims is necessary in order to "complete the process as quickly as possible". Recipients may be entitled to a refund if an overpayment has been made on their account or discrepancies have arisen in the billing. After clicking on the "Check refund status" button in the email, a fraudulent website opens, which sends all the data entered there to criminals, the consumer advice center explains. They could misuse the information for identity theft, for example. The consumer advocates also point out that the contribution service does not contact contribution payers on its own initiative to check claims for refunds. If you have any questions, you should use the contact options on the official website rundfunkbeitrag.de.
The phishing scam remains a persistent threat. Last week, both the LKA Lower Saxony and Host Europe warned of a massive phishing campaign targeting the provider's customers.
(dmk)
