Phishing warning about fraudulent ELSTER e-mails
The Thuringian Ministry of Finance warns of a wave of ELSTER-related phishing. The fraudsters are targeting account information.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
The Ministry of Finance of Thuringia is warning of a current wave of phishing scams in which the perpetrators are sending victims supposedly ELSTER-related emails. Many citizens and companies take part in the electronictax return(ELSTER), which increases the likelihood that some will actually fall for the scam.
In their warning, the tax authorities write that an increasing number of emails with sender addresses such as elstersportall@t-online.de and subject lines such as "Infosteuer 2023 Finanzamt" are currently landing in users' inboxes. These directed potential victims to form websites with which they wanted to obtain data such as account access data and account and credit card information. However, the perpetrators may also have wanted to install viruses or Trojans on the victims' computers.
Promise of repayment as bait
"In the fake email, recipients are told that no refunds have yet been calculated for 2023 and that no one could be contacted by post. They are asked to fill in a form on a fake ELSTER website so that the amount can be calculated," explains the Thuringia tax office. The link to the form website is not connected to the ELSTER platform.
Some anomalies make it clear that the emails are not genuine, explain the tax officials. For example, the e-mail sender address ends in t-online.de and not elster.de, as official communication would. There are also no spelling mistakes in the official addresses, such as the extra "s" and "l" in the example shown. The email is sent to a distribution list, which is resolved as (verborgene_empfaenger), instead of specifically to the recipients of the email.
The tax authorities and ELSTER warn against responding to these fraudulent emails or clicking on the links in them. The tax authorities do not send tax data or invoices as email attachments, nor do they request personal information by email. There is also a corresponding warning on the ELSTER portal about fake emails.
Phishing is a persistent threat. This week, for example, the phishing radar of the consumer advice centers warned of a scam in which the perpetrators want to lure their victims with supposedly approved ticket refunds from Deutsche Bahn. As Deutsche Bahn is struggling with many delays, it is more likely that potential victims have actually applied for a refund.
(dmk)