Overview
- Deutsche Telekom and Germany’s consumer protection agencies report an active, renewed phishing wave and urge heightened vigilance.
- The scheme first triggers a legitimate Telekom password‑reset email, followed by a counterfeit invoice or warning that cites charges of about €160 and threatens action within 24 hours.
- Messages closely mimic official branding and may include fragments of recipients’ email addresses or phone numbers, with links leading to cloned Telekom login pages.
- Authorities advise deleting suspicious emails, accessing accounts or invoices only via telekom.de, enabling two‑factor authentication or passkeys, and immediately changing the Telekom password if credentials were entered.
- Security researchers note a broader rise in brand‑impersonation scams that are increasingly AI‑generated and hyper‑personalised, echoing trends seen with Microsoft, Google and other major brands.