{"id":20576,"date":"2022-11-10T03:30:04","date_gmt":"2022-11-10T11:30:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/11\/10\/news-14309\/"},"modified":"2022-11-10T03:30:04","modified_gmt":"2022-11-10T11:30:04","slug":"news-14309","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/11\/10\/news-14309\/","title":{"rendered":"Scammers pretend to be financial regulators | Kaspersky official blog"},"content":{"rendered":"

Credit to Author: Olga Svistunova| Date: Thu, 10 Nov 2022 11:26:56 +0000<\/strong><\/p>\n

Online fraud knows no bounds. Cybercriminals are adapting \u2014 not always successfully \u2014 their usual schemes for new countries. To wheedle out victims’ personal and banking data, they send e-mails purporting to be from, among others, online marketplaces<\/a>, video streaming services<\/a> and, of course, government agencies<\/a>. Today we look at two separate scams in which cybercriminals impersonate financial regulators investigating, you guessed it, fraud. Under this pretext, they extract an array of personal information from their hapless victims.<\/p>\n

A German tragedy in two parts<\/h2>\n

The first scam targets German residents. It starts with an e-mail in which an organization calling itself Finanzmarktaufsicht (the name suggests it has something to do with with financial regulation) states that Osnabr\u00fcck police has supposedly arrested some criminals and confiscated their hard drives, which were found to contain citizens’ decrypted personal data \u2014 including the recipient’s.<\/p>\n

\"E-mail<\/a><\/p>\n

E-mail seemingly from “German financial regulator” Finanzmarktaufsicht<\/p>\n<\/div>\n

The e-mail goes on to state that, given the large number of victims, “Finanzmarktaufsicht” suspects organized crime to be at work. Hinting that the recipient of the e-mail could be one of the victims, the scammers ask them to assist in the investigation. Nothing complicated is required for this: simply follow the link to fill out a special online form, or call the number given in the e-mail.<\/p>\n

The message itself resembles an official e-mail: it contains the the logo of the “sender” government agency, the actual address of a Berlin business center (home to several financial organizations, but none bearing the name Finanzmarktaufsicht), and contact details. At the end, the scammers have gone to the trouble of adding a perfectly genuine link to an article about a real investigation published on the website of one of Germany’s most popular TV news shows.<\/p>\n

\"One<\/a><\/p>\n

One of the links in the e-mail points to a real article about a financial fraud investigation on the genuine website of a popular German TV news show<\/p>\n<\/div>\n

Although at first glance the e-mail comes across very well, upon closer inspection certain tell-tale signs can be found showing it’s bogus. First of all, the sender’s address is suspicious. It has nothing to do with the government agency that allegedly sent it. And the agency itself looks dubious: A quick search online reveals that Finanzmarktaufsicht<\/a> is in fact an Austrian, not German, agency. The German equivalent goes by an even more officious-sounding name: Bundesanstalt f\u00fcr Finanzdienstleistungsaufsicht<\/a>.<\/p>\n

A user who fails to spot the deception and clicks the link is taken to an online form on the website of the bogus Finanzmarktaufsicht. And to receive “expert assistance”, they need to enter the following details:<\/p>\n