Get your money back
Cybercriminals are increasingly gaining unauthorized access to other people’s accounts and login credentials. Using phishing emails or data leaks, they obtain their victims’ login information and can then log into and take over their accounts. The resulting online shopping account is often used to sell illegal goods without the victim being aware of it until the police arrive.
Another strategy is to create a new account in someone else’s name. Beforehand, cybercriminals collect pictures and private data from their victims. They then use this information to populate the corresponding social media profiles. As a next step, family members or friends of the affected person are asked to help them out in a financial emergency. At the same time, links to infected websites are sent out.
Online banking fraud is a widespread form of organized crime in which perpetrators not only attack customers’ assets, accounts, and wallets, but also cause significant economic and social damage. Most recently , around 15 million cyberattacks using malware were registered in Germany .
Below you will find information and recommendations for action if you have become a victim of credit card fraud, phishing attacks, or other forms of online fraud. You will also learn what to do in the event of an account hack and how to get your money back .
What types of fraud are there?
Bank fraud can be committed in various ways, both through physical and digital methods. There are a multitude of fraudulent practices and techniques, including:
Chatbots as a new threat: Cybercriminals use artificial intelligence for bank account hacks
Cybercriminals are increasingly using chatbots like ChatGPT or other AI applications to access bank accounts. Systems using artificial intelligence can generate spear-phishing emails very quickly, making such attacks more dangerous and effective than ever before. A recent phishing scandal at German banks resulted in millions of euros in losses.
In many cases, consumers can defend themselves against the economic consequences of credit card misuse or bank account fraud.
Credit card fraud: Bank refuses to cover the loss
A client noticed numerous unauthorized withdrawals from his account, even though he immediately had his card blocked and did not authorize the payments. The bank refused to accept responsibility and compensate the client for the resulting losses, arguing that the client had obviously been too careless with his payment information. According to case law, banks are generally liable for unauthorized withdrawals unless gross negligence on the part of the client can be proven. Whether and when such gross negligence exists must be examined on a case-by-case basis. Since banks carry appropriate liability insurance, many cases can be settled out of court.
Phishing attacks: Millions in losses and legal consequences
Many bank customers are now exposed to a significantly increased risk of fraud and attacks due to the circulation of highly professional phishing emails, some generated using AI and LLM bots. This fraudulent method uses bank customers’ personal data to gain their trust, often leading victims to disclose further information due to the perceived need for such services. Attackers are aided by the fact that banks often still use technical systems that allow access to accounts without additional TAN confirmation or other two-factor authentication (2FA), which considerably facilitates fraudsters’ access to sensitive data.
Banks are generally liable for unauthorized debits.
In cases of unauthorized debits, transfers, and direct debits , the executing banks are generally liable . However, the bank is not liable if gross negligence on the part of the customer can be proven.
Even in cases of gross negligence on the part of the customer, the bank’s liability is not completely excluded if the bank is also at fault due to organizational or technical reasons.
What can victims do in case of credit card fraud?
Victims of credit card fraud should immediately block their account, inform the bank, file a criminal complaint and seek expert advice.
Frequently Asked Questions
Phishing is a fraudulent technique in which scammers try to steal personal information. Protect yourself by not sharing sensitive information through unsecured channels and by being wary of suspicious emails.
Spear phishing is a phishing attack that targets a specific individual or group of people within a company or organization. Victims are tricked into revealing further confidential information, downloading malware, or unknowingly making payments to the attacker.
Be wary of suspicious emails from unknown senders and check website URLs before entering personal information. A simple test you can perform on suspicious emails is to hover your mouse cursor over the sender’s address. This will display the sender’s full email address, which often differs from the address shown in the subject line by your email program.
In credential stuffing, cybercriminals attempt to gain access to multiple accounts using stolen login credentials. These credentials are usually shared in lists on the dark web and are typically stolen through hacks of other platforms. Cybercriminals assume—and are often correct—that many users employ only one password for various websites.
The criminals use these lists to try their luck on various platforms, repeatedly gaining access to further accounts of their victims. At the beginning of 2023, this method compromised approximately 20,000 accounts belonging to the online pharmacy DocMorris.
No. While it’s true that a strong password generally protects your account better than weak passwords like “password123” or “abcdefgh”, if criminals gain access to your login credentials by hacking a platform, even the strongest password won’t help. If you use the same password for different portals, hackers can try to gain access to multiple accounts. To prevent such attacks, you should set up additional two-factor authentication (2FA) for all accounts.
If you become a victim of online banking fraud, you should block your account, inform the bank, and file a police report. Furthermore, you should scan your computer/laptop with up-to-date antivirus software or hand the device over to an IT forensics expert. We work with several IT forensics experts who can assist you in securing further evidence.
You can protect yourself from credit card fraud by keeping your credit card information secure, regularly checking bank statements, and immediately reporting suspicious transactions. Passwords should not be sent via email and should be created and stored using a password manager. Where possible, you should set up two-factor authentication (2FA) or use passkeys.
In many cases, banks can also be held liable for losses due to online banking fraud, unless gross negligence can be proven on the part of the customer.
First, inform your bank about the incident. If your bank does not provide satisfactory support, we are happy to assist you. Our team offers a free initial consultation, during which we analyze your individual situation and outline the best course of action.
In many cases, legal expenses insurance covers the costs of legal advice and enforcement in out-of-court and court proceedings related to cyberattacks. Our law firm will obtain the necessary coverage confirmation free of charge for those affected.
Have you also been a victim of online banking fraud?
Find out how we can help you by filling out our contact form below or sending us an email directly.
The initial consultation, which can also be conducted via video call using Teams, Zoom, or Google Meet, is always free of charge .
Your Contact Person
