Exclusive Student Offer

Prime for Young Adults

Get a 6-month trial with premium college perks & fast delivery.

Start Free Trial
Listen Anywhere

Audible Standard Trial

Get 30 days of audiobooks free. Cancel anytime, keep your books.

Claim Free Books

Fraudsters are sending emails regarding a supposed S-pushTAN update. The Consumer Advice Center warns against clicking links and pressure due to threats of account suspension.

The Consumer Advice Center (VZ) warns of a new phishing email impersonating Sparkassen. The message demands a “mandatory update” of the S-pushTAN app, claiming that this is the only way to continue processing transfers and payments.

Consumer Advice Center Warns of Typical Phishing Tactics

According to VZ, the most concerning aspect is that the email also demands confirmation of the user’s identity and threatens potential account restrictions. The typical red flags mentioned by consumer protection experts include an untrustworthy sender address, impersonal greetings, included links, and the sense of urgency created.

Report Suspicious Sparkassen Emails Directly

Suspicious messages can be forwarded to [email protected] so that the Sparkassen’s computer emergency team can evaluate them. This is handy for users as it allows them not only to ignore a suspicious email but also to report it to the official authorities.

Anyone who receives the email should not click any links and delete the message immediately. (Symbol photo) IMAGO / Lobeca

Recognizing Phishing Emails Despite Professional Language

The Federal Office for Information Security (BSI) points out that phishing emails today often appear to be linguistically professional, and errors or strange characters are no longer reliable indicators of phishing. A more technical approach is advisable: In HTML emails, the visible sender address may hide a different address, which can be checked using a mouseover on the sender line or in the source code.

Moreover, a padlock symbol on a website offers no more than a superficial trust signal, as fraudsters also utilize certificates. According to the BSI, pay special attention to suspicious addresses with strings of numbers or characters, disguised short URLs, and unusual requests—such as a TAN without a triggered transaction or repeated prompts for already known data like name, address, or IBAN after a supposed login.


Get Audible 30-Day Free Trial

As an Amazon Associate, we earn from qualifying purchases.