{"id":20356,"date":"2022-11-10T15:34:54","date_gmt":"2022-11-10T11:34:54","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/scam-for-scam-victims\/20356\/"},"modified":"2022-11-10T15:35:08","modified_gmt":"2022-11-10T11:35:08","slug":"scam-for-scam-victims","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/scam-for-scam-victims\/20356\/","title":{"rendered":"Fake financial regulators"},"content":{"rendered":"

Online fraud knows no bounds. Cybercriminals are adapting \u2014 not always successfully \u2014 their usual schemes for new countries. To wheedle out victims\u2019 personal and banking data, they send e-mails purporting to be from, among others, online marketplaces<\/a>, video streaming services<\/a> and, of course, government agencies<\/a>. Today we look at two separate scams in which cybercriminals impersonate financial regulators investigating, you guessed it, fraud. Under this pretext, they extract an array of personal information from their hapless victims.<\/p>\n

A German tragedy in two parts<\/h2>\n

\nThe first scam targets German residents. It starts with an e-mail in which an organization calling itself Finanzmarktaufsicht (the name suggests it has something to do with with financial regulation) states that Osnabr\u00fcck police has supposedly arrested some criminals and confiscated their hard drives, which were found to contain citizens\u2019 decrypted personal data \u2014 including the recipient\u2019s.<\/p>\n

\"E-mail<\/a>

E-mail seemingly from \u201cGerman financial regulator\u201d Finanzmarktaufsicht<\/p><\/div>\n

The e-mail goes on to state that, given the large number of victims, \u201cFinanzmarktaufsicht\u201d suspects organized crime to be at work. Hinting that the recipient of the e-mail could be one of the victims, the scammers ask them to assist in the investigation. Nothing complicated is required for this: simply follow the link to fill out a special online form, or call the number given in the e-mail.<\/p>\n

The message itself resembles an official e-mail: it contains the the logo of the \u201csender\u201d government agency, the actual address of a Berlin business center (home to several financial organizations, but none bearing the name Finanzmarktaufsicht), and contact details. At the end, the scammers have gone to the trouble of adding a perfectly genuine link to an article about a real investigation published on the website of one of Germany\u2019s most popular TV news shows.<\/p>\n

\"One<\/a>

One of the links in the e-mail points to a real article about a financial fraud investigation on the genuine website of a popular German TV news show<\/p><\/div>\n

Although at first glance the e-mail comes across very well, upon closer inspection certain tell-tale signs can be found showing it\u2019s bogus. First of all, the sender\u2019s address is suspicious. It has nothing to do with the government agency that allegedly sent it. And the agency itself looks dubious: A quick search online reveals that Finanzmarktaufsicht<\/a> is in fact an Austrian, not German, agency. The German equivalent goes by an even more officious-sounding name: Bundesanstalt f\u00fcr Finanzdienstleistungsaufsicht<\/a>.<\/p>\n

A user who fails to spot the deception and clicks the link is taken to an online form on the website of the bogus Finanzmarktaufsicht. And to receive \u201cexpert assistance\u201d, they need to enter the following details:<\/p>\n