The savings banks use the pushTAN 2.0 procedure for online banking. But scammers take advantage of that.
Sparkasse customers: New scam with pushTAN 2.0
Savings bank customers should be on the lookout for fraudulent short messages these days. Because the “Computer Emergency Team of the Savings Banks Finance Group” warns of phishing SMS sent by fraudsters under the pretext that the customer should switch to pushTAN 2.0.
The savings banks write that fraudulent SMS are currently being distributed in the name of the savings banks. Under the pretext of an alleged switch to pushTAN 2.0, the gangsters would try to persuade the recipients of the short messages to call up a fraudulent website (phishing site). There is an https link in the SMS for this – a screenshot of such a phishing SMS can be found here. Savings bank customers should enter their online banking access data, their date of birth and the data of their savings bank card on said website.
The computer emergency team of the Sparkassen-Finanzgruppe urgently warns of these SMS. If you have already entered data on the phishing site, you should contact your savings bank immediately to block your online banking access.
The pushTAN 2.0 procedure actually exists. You can find out more about this here in a Sparkasse weblog.
These new phishing SMS in connection with the pushTAN 2.0 procedure are only the latest version of this scam. Other short messages have been circulating for a few days, which also use the pushTAN procedure as an excuse to lure customers into the trap. These SMS are all structured very similarly, you can read more about this here.