Fraud Schemes in the run-up to Christmas
Cyber criminals are currently trying hard to get their victims' money through various scams. For your protection, we will present three currently common methods in more detail. Stay vigilant because the methods used by fraudsters may vary and evolve constantly.
Fraud scheme 1: Investment scam - beware of fabulous promises of returns!
Be skeptical when unrealistic/fabulous returns are promised on unknown investment platforms. The old principle still applies: If quick riches are promised and something sounds too good to be true, then it is usually a scam!
In this scam, victims are enticed to register with a supposed "investment platform", for example through online advertising with promises of high returns. This is followed by intense "advice" from alleged "brokers" (in reality, these are the fraudsters) to persuade victims to make an initial deposit. The criminals often try to access your PC or smartphone via remote access software and justify this by saying that they need to "set up and explain the user account".
By presenting non-real "profits" (which are simulated on the fake platform), victims are lured into investing larger sums. Therefore, do not invest if someone tries to persuade you hard and, if in doubt, check the provider's reliability first.
More on investment scam and remote-access software
Fraud scheme 2: Fraud on second-hand platforms (Vinted, Shpock, willhaben, etc.)
As described in our warnings from April and October, there have been fraud attempts on second-hand platforms platforms such as Vinted, willhaben, Shpock and eBay for some time now. The criminals mainly contact newly registered sellers via the platform's chat function, pretending to be an interested buyer and asking for an email address so communication can be shifted away from the platform’s chat towards regular email.
If you follow this request, you will receive a link to a (fake) "sales processing page" in the design of the platform. Usually, there will be a note that the seller's bank account still needs to be "verified". However, this phishing page is used only to obtain the victim's internet banking credentials – including an authorisation of the login, which the fraudsters carry out at the same time.
If the perpetrators manage to gain access to your internet banking in this way, they will next try to obtain QR activation codes to link their device to your account. Please never share QR activation codes with strangers (e.g. by taking pictures via a second phone) and break off communication immediately in such cases!
Fraud scheme 3: Daughter-son trick on WhatsApp
Criminals continue to use WhatsApp to contact potential victims, pretending to be your "son" or "daughter". The fraudsters describe a fictitious emergency, e.g. a faulty mobile phone, and then ask you to transfer money.
If you are contacted in this way from a previously unknown phone number, ignore the requests and, if in doubt, contact your relatives on their usual telephone number.
More about this scam on WhatsApp.