The word Phishing is a contraction of the words « Password », « Harvesting » and « Fishing ». Fraudsters phish in order to gain confidential data from unsuspecting Internet users. This may, for example, be access data for e-mail accounts, online auctioneers (e.g. eBay) or for Internet banking. The fraudsters take advantage of their victim's good faith and helpfulness by sending them e-mails with false sender addresses. The e-mails tell the victims, for example, that their account details and access data (e.g. username and password) are no longer secure or up-to-date and they need to be changed at the link provided in the e-mail. The link, however, does not lead to the genuine page of the respective service provider (e.g. the bank) but the fraudster's apparently identical web page.

Effects and risks

  • With the data thus obtained, a fraudster can perform bank transactions using the victimised Internet user's name to place offers at an online auction.
  • With stolen e-mail login data, fraudsters get full access to the e-mail account. The attackers are able to exctract and analyse all data and for example send fraudulent and counterfeit e-mails to contacts in the address book in the name of the victim.
  • Reputable internet service providers will never ask you for your login or password via e-mail or phone.

The main rules of conduct for dealing with e-mails help to protect you from machinations of this kind:

  • Be wary of any unsolicited e-mails you receive. Particularly trustworthy companies are often used as false sender addresses.

  • Be careful if you receive e-mails that require action on your part and that carry a threat of consequences (loss of money, criminal charges, blocking of account or card, missed chance, misfortune) if the action is not performed.

  • Do not open any attachments or click on any links in suspicious e-mails. 

Specialist staff
Last modification 28.10.2016

Top of page

MELANI operates a special website, where links of phishing sites and phishing e-mails can be announced.