According to a press release, the Cybercrime Center (LZC) of the General Public Prosecutor’s Office in Koblenz accused a 27-year-old man from Montabaur of computer hacking. According to the results of the investigation conducted by the cybercrime department of the State Criminal Police Office (LKA) in Rhineland-Palatinate, the accused is charged, amongst other things, with the sending of 46,000 phishing emails between September 2015 and November 2015. Police reported that the suspect sent out the phishing emails to acquire login credentials for the victims’ PayPal and DHL Paket GmbH (Germany’s national postal service) accounts to use these in a further step for the commission of other criminal offenses.
According to law enforcement authorities, there is a reason to suspect that the defendant had designed a total of 23 different phishing emails, which he sent to various e-mail recipients. The mails contained either an indication of a security problem with a PayPal account or the request to accept new terms and conditions of the “DHL Paket GmbH”. Victims had the impression that it is an individual message addressed to the recipient by PayPal or DHL Paket GmbH. For this purpose, the emails were designed to imitate the standardized design of the two companies.
When the link specified in the email was clicked, the recipient was forwarded to a website that the suspect had previously set up. Here, the access data, including the password and the banking details, could be entered in several steps. Subsequently, the data would have been forwarded to the suspect.
There is also the reasonable suspicion that the alleged offender had ordered narcotics from forum or a marketplace on the dark web with the purpose to resell them to unknown customers. In a further 60 cases, the accused allegedly ordered goods, vouchers, tickets and services from various legitimate companies on the internet using third party personal data, including Amazon and PayPal login credentials. The defendant is also accused of having unauthorized access to email mailboxes of internet users, and to have “spied on” personal documents of the injured parties.
“There is, therefore, the suspicion that the alleged offender has committed a criminal offense because of crimes against the BtMG [the Narcotics Act in Germany], because of computer fraud with a damage in four-digit height as well as other computer crimes,” the press release goes by.
The 27-year-old had not admitted any of the accusations against him. The prosecution had been brought to the magistrate’s court of the Montabaur District Court since one of the recipients of the phishing emails from the District Court of Montabaur filed a complaint. The investigation was initiated in September 2015 due to that criminal complaint. Updates in the case could be expected in the near future.
Phishing emails is a favorable tool used by cybercriminals to acquire the precious personal, financial, and login details of the victims. The news outlet wired.com interviewed cybercrime experts on how to avoid such cases.
“At the heart of phishing is a scam,” Aaron Higbee, chief technology officer at the phishing research and defense company PhishMe, said in a statement. “The people who are sending a phishing email have to be clever email marketers to get a user to engage.” Often they do this by preying on your emotions.
Experts recommend internet users to “listen to their guts”, and when something feels off, it probably is. Since the purpose of phishing is to get victims to do something without raising the alarm, this task feels hard. According to the experts, people should start practicing skepticism to avoid scams and fraud attempts. Users should be generally reluctant to download attachments and click links, no matter how they seem or who appears to have sent them. Cybersecurity specialists also recommend having a backup precaution, such as enabling multi-factor authentication on all accounts offering the service, using a password manager, or other software to maintain long and random login credentials, to avoid the loss of the users’ accounts after a successful phishing attack.