Overview
- Germany’s consumer protection watchdog reports an active campaign impersonating Elster and tax offices to harvest personal data.
- Emails claim refunds are provisionally withheld due to incomplete information and direct recipients to submit a form via a link, using the subject line “Mahnung: Informationen für Ihre Steuererstattung erforderlich”.
- Red flags include a generic salutation, dubious sender details, urgent wording such as “Mahnung” and “zwingend” or “dringend erforderlich”, and embedded data-entry links.
- Elster states it does not announce refunds or request credentials or attachments by email and warns users not to click links or open files.
- Recommended steps include deleting or marking the mail as spam, reporting samples to phishing@verbraucherzentrale.nrw, and checking tax matters only via elster.de or the local Finanzamt, with alerts noting similar scams via SMS and manipulated QR codes.