Scammers Impersonate Financial Regulators to Steal Personal and Banking Data

The first scam

• The email states that Osnabrück police have arrested some criminals and confiscated their hard drives, which contained citizens’ decrypted personal data. The email requests to assist them in the investigation by simply following a link to fill out a special online form on the fake Finanzmarktaufsicht site.
• It instructs the victims to enter personal information such as surname, first name, email address, phone number, and other banking information in the form. In addition, scammers provide an option to call the given number to receive expert assistance.
• Further, they assure victims to help return the funds stolen by the scammers, and allegedly ask for more information to prepare documents, along with banking details supposedly to reimburse the damage.

The decoy

• First of all, the sender’s address and the agency look suspicious and dubious. The online search for Finanzmarktaufsicht states it's an Austrian agency, not German.
• Information about the organization on the fake website looks as if it belongs to a bona fide government agency.
• Moreover, the fake site uses the logo of the Austrian government agency and there’s no organization with that name in Germany.

The second scam

• The email pretends to be from FINMA, an independent financial regulator operating in Switzerland.
• It reminds the recipient that back in 2015–2017 they supposedly invested in a real company called SolidCFD and now it has been closed down due to some illegal activity.
• The scammers trick the victims into believing that they want to help return the invested money and for that, they need some information.

Final thoughts