Phishing Attack via SMS Messages

Phishing attack via SMS messages

Access data phishing on behalf of Deutsche Bank and other well-known credit institutions.

Recently, the SMS celebrated its 30th birthday. For many users, this is an occasion to remember a communication tool that they seem to use only rarely. However, cybercriminals see it differently to a certain extent and continue to use SMS as a phishing channel to capture personal digital credentials. This is also shown by an elaborate German example from a global study by Bitdefender on SMS scams, which was presented today.

Fake website of the Ministry of Finance

In Germany, hackers are currently using a campaign to initially lure private individuals to a supposed website of the Federal Ministry of Finance. The text message promises a payment or a refund of an amount of their electricity bill if they follow the provided link. This link refers to a fake website of the Ministry of Finance. The online appearance suggests security: the addressees are first supposed to confirm that they are not a robot and go through a captcha check. After that, they are taken to a website of the Federal Ministry of Finance.

Various banks are listed. By clicking on them, the users are supposed to log in to their respective credit institution and enter their access data there in order to then receive the money. The bank’s online presence also looks trustworthy at first glance, but the address bar shows that users are still on the imitated page of the supposed Ministry of Finance and not on the credit institution’s website as usual. The Federal Network Agency has already warned against the fake website.

Linguistic errors point to websites

Users should therefore immediately become suspicious of these links. Although the supposed websites are well made, they show linguistic errors.

The following links were found on victims’ smartphones via SMS as part of the campaign:


The attackers use SMS because it is still sometimes used as a communication channel in some companies and even organizations today. As with emails, the creators of the campaigns exploit the current news situation for their own purposes. In doing so, the originators play off regional content and also pick up on current issues, such as information on energy prices or peak travel times.

The cybercriminals know that any link in the SMS that redirects to a malicious website is easy for a security solution to detect. Therefore, they constantly modify the links and text messages to remain anonymous.

Mobile smartphone security solutions have protection features against such threats. These warn users about suspicious links in SMS messages that hackers can use to spy on financial data, usernames and passwords, and other sensitive information – such as the Scam Alert in Bitdefender Mobile Security for Android.