Warnings issued by Pforzheim city about deceptive emails circulating

Fake emails posing as a city procurement office target businesses, aiming to steal sensitive information.


The city of Pforzheim, located in the state of Baden-Württemberg, Germany, has been the victim of a phishing attack. A series of fraudulent emails, allegedly from the central procurement office of the city, have been circulating, prompting a warning from the city administration.

Recipients are urged not to respond to these emails, as any phone and contact information or event dates mentioned may no longer be valid. It is crucial to note that the city's website has stated that such emails will never be sent from the central procurement office.

The emails, a type of message often considered one of the biggest nuisances on the internet, ask companies to check supposed invoices or outstanding items and debts and report them to the sender. However, the city clarifies that it does not ask companies to perform such actions.

The emails are usually not sent to the intended recipients but instead go to scammers. In this case, at least some of the emails are signed by a non-existent employee named "Bianca Hiller". The subject line of the emails reads "Review of outstanding invoices - City of Pforzheim - Central Procurement Office".

The city advises recipients to carefully check the sender of such emails. Official city email addresses consist of "[email protected]" or functional designations such as "[email protected]". The city's police recommend reporting phishing emails, such as the ones received in this case, via the online police station of Baden-Württemberg.

To combat phishing threats, organizations can employ a combination of technical safeguards and user education. Technical measures include email authentication protocols such as SPF, DKIM, and DMARC, strong multifactor authentication, and advanced filtering and threat detection.

User training is also essential. Regular training tailored to current phishing tactics helps users recognize key signs such as impersonation, urgent and fear-inducing language, and unexpected requests for sensitive actions. A simplified reporting mechanism, such as a "Report Phishing" button in email clients, encourages more consistent user reporting, enhancing organizational security.

By combining these technical safeguards with ongoing user education and easy reporting workflows, organizations can effectively identify and mitigate phishing threats similar to fraudulent emails impersonating official entities like the City of Pforzheim’s procurement office.
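The sender check and the DMARC verdict mentioned above can be combined into one mail-gateway triage step. The following is an added example, not code from the city or from the original article; the domains `city.example`, `lookalike.example` and `mx.recipient.example` are placeholders (the city's real address is elided on this page), the Reply-To comparison is an added heuristic, and the sample message is constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions (placeholders, not from the article): the official domain and the
# authserv-id that the receiving gateway writes into Authentication-Results.
OFFICIAL_DOMAINS = {"city.example"}
TRUSTED_AUTHSERV = "mx.recipient.example"
LURE_SUBJECT = "review of outstanding invoices"   # subject quoted in the article
FAKE_SIGNER = "bianca hiller"                     # signer named in the article

# Constructed sample: spoofed From, replies diverted to another domain.
PHISH = """\
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=lookalike.example; dmarc=fail header.from=city.example
From: "Central Procurement Office" <procurement@city.example>
Reply-To: <office@lookalike.example>
Subject: Review of outstanding invoices - City of Pforzheim - Central Procurement Office

Please report all outstanding items.
Bianca Hiller
"""

def domain_of(header_value):
    """Lower-cased domain of the first address in a header, or '' if none."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def dmarc_result(msg):
    """DMARC verdict from our own gateway's header; sender-supplied copies are ignored."""
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # not stamped by the trusted gateway, could be forged
        found = re.search(r"\bdmarc=(\w+)", rest, re.I)
        if found:
            return found.group(1).lower()
    return "none"

def triage(raw):
    """Return the reasons a raw message matches the impersonation pattern."""
    msg = message_from_string(raw)
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    body = "" if msg.is_multipart() else msg.get_payload()
    checks = [
        ("sender-domain-not-official", from_dom not in OFFICIAL_DOMAINS),
        ("reply-to-differs-from-sender", bool(reply_dom) and reply_dom != from_dom),
        ("dmarc-not-pass", dmarc_result(msg) != "pass"),
        ("known-lure-subject", LURE_SUBJECT in (msg["Subject"] or "").lower()),
        ("known-fake-signer", FAKE_SIGNER in body.lower()),
    ]
    return [name for name, hit in checks if hit]
```

The subject and signer strings are campaign-specific and will go stale quickly; the domain, Reply-To and DMARC checks are the durable part.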

  1. To bolster cybersecurity measures, it's vital for the City of Pforzheim to implement a combination of technical safeguards such as SPF, DKIM, and DMARC along with regular user training to recognize phishing tactics.
  2. Given the increasing threats of phishing attacks, it's crucial for individuals and organizations to stay updated on the latest phishing tactics, like those used in the current attack on Pforzheim, and employ advanced technology like email authentication protocols and user education programs to mitigate risks.
