Police Warns of Phishing Attacks on Bank Customers

Customers of Volksbank and Raiffeisenbank in Lower Saxony are currently at heightened risk of falling victim to a phishing attack. The Lower Saxony State Criminal Police Office has warned of a recent wave of attacks in which fraudsters are sending out mass phishing emails. These emails are designed to lure recipients into a trap and steal their sensitive data. The phishing emails claim to be from the banks and urge recipients to update their data for the Smart-TAN procedure. The subject line states that the customer's account has been selected for a scheduled review.

The emails are impersonal and do not contain any real customer data, which is an indication of their forgery. A notable feature of the emails is a blue button labeled "Perform Confirmation." Clicking on this button redirects the user to a fake website that is not associated with the official domains of the banks. There, victims are prompted to enter their online banking credentials to supposedly renew their TAN procedure. The fraudsters attempt to act under time pressure.

The emails specify a deadline by which the data must be updated. In this case, the date was April 22, 2026. This tactic is intended to prompt recipients to act quickly without questioning the authenticity of the request. After entering their credentials, victims are asked to provide additional personal information such as name, address, phone number, email address, and date of birth.

The fake website then confirms the input and pretends to have successfully completed the verification. Another aspect of the scam is the follow-up phone call that occurs after the data entry. The fraudsters call the victims and pose as bank employees. In these conversations, there is a risk that further sensitive information will be requested. Additionally, the perpetrators may attempt to initiate payments disguised as necessary confirmations of TAN entries.

To reassure the victims, the genuine website of Volksbank and Raiffeisenbank is displayed after a countdown of about 30 seconds. This trick is meant to create the impression that everything is fine and that the victims have been redirected to the official site. The police warn that this is a common method to gain the trust of victims. They recommend being particularly cautious with suspicious emails and not disclosing any personal data. Customers should contact their bank directly if they are unsure whether a request is genuine.

Security authorities advise checking the sender's email address carefully and, in case of doubt, not clicking on any links in the email. The current wave of phishing is part of a larger trend in which cybercriminals increasingly use automated methods to carry out their attacks. The perpetrators rely on a scattergun approach, sending out mass emails in the hope that some recipients will fall for the scam. The police have already registered several cases in which customers have fallen victim to the fraudsters. Security authorities recommend regularly checking one's account movements and acting immediately in case of suspicious activities.

Customers should also change their passwords regularly and use strong, unique passwords to protect their accounts. The police have emphasized that educating citizens about such scams is of great importance. The Lower Saxony police have called on the public to report suspicious emails and to stay informed about current scams. Raising awareness about phishing and other forms of fraud is an important part of the police's prevention work. The agency has already created informational materials that are available on their website. "We need to raise awareness and help people recognize such fraudulent attempts," said a police spokesperson. "Everyone should be aware that banks never ask for personal data via email."