Germany’s Federal Office for Information Security has recently warned that cybercriminals have compromised the online accounts of 16 million people. It appears that scammers are already putting the stolen information to good use.
The account credentials have been stolen by cybercriminals with the aid of malware. The German government has set up a service that allows people to check if they’re among those affected.
Experts from Trend Micro have identified one user in Germany whose email account was hijacked and utilized to send out messages to his contacts. He changed his passwords after noticing that both his email and Facebook accounts had been tampered with.
But that didn’t stop the scammers. They continued to send out emails to the user’s contacts from an address that was similar to his/hers, but which had an extra letter in the name.
The fake notifications sent out by the crooks informed recipients that the sender was in a foreign country and needed some money because he/she was mugged. These types of scams have been making the rounds for years.
Users from Germany (and not only) are advised to follow security best practices in order to protect their accounts.
Make sure different strong passwords are set for each online account. If you can’t remember complex passwords, use a password manager.
If possible, enable two-factor authentication since this is currently one of the best defenses against account takeovers.
Try to avoid logging in to accounts, particularly important ones, from public devices such as the ones in Internet cafes.
If you live in Germany, check out the website set up by the government. If your account has been compromised, change its password and keep an eye out for any suspicious communications.