Following a home raid by Germany’s federal criminal police (BKA), a 24-year-old man has been arrested and charged for orchestrating a large-scale phishing operation that scammed online users of €4,000,000. A second one was also charged with 124 acts of computer fraud, while the third suspect is still the subject of investigations. The phishing attacks have occurred between October 2020 and 29th of May 2021.

How Did the Operation Take Place?

The three men deceived their victims into handling them money by impersonating legitimate German banks in their phishing emails.

The emails warned the recipients that upcoming modifications to the bank’s security system would unavoidably have an effect on their accounts. According to BKA, the clone emails were almost impossible to distinguish from real bank emails.

According to BleepingComputer, the victims were asked to log in to a phishing website and hand over their credentials to the criminals in order to continue using the bank’s services. They were also asked to enter their TAN (transaction authentication number) allowing the hackers to log onto their e-banking accounts and make money withdrawals.

 The websites, servers, and networks of the companies were overloaded by masses of automated queries, causing the online services to be unavailable or their availability severely restricted.


Threat actors even used Denial-of-Service-Attacks (DDoS) against banks, in an effort to hide their fraudulent transactions. According to the same source, the hackers allegedly turned to other cybercriminals who work for the dark web.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

What Is Online Impersonation?

DDoS Attack. How Distributed Denial of Service Works and How to Prevent It

Phishing attacks explained: How it works, Types, Prevention and Statistics

Leave a Reply

Your email address will not be published. Required fields are marked *