Phishing mails and their effect - Commerzbank goes digital

Our expert reports about experiences with the Commerzbank and its digitization attempts

At first I thought it could be phishing, but attackers would hardly be that helpless.

So I receive an e-mail from Commerzbank, who are supposed to convince me as a corporate customer that they can "digitally and personally stand by my side at your company". Nice idea.

The title, however, is anything but personal and is not really a speech at all: "Please forward this to the relevant employees of your company". Only the capitals are missing. Ah, yes, the mail starts with "Dear Ladies and Gentlemen", I could be 50% in line.

And also the sender "" rather awakens the cynic in me, rather than triggering a personal feeling. Another nice detail is that I am not on the "To" mailing list, but my address has been moved to the "Bcc". I suppose it was, where you could have guessed a name. No?

Phishing Mail mit Logo der Commerzbank

The beginning of our "friendship" could hardly be worse. But stop: I have not yet internalized the services offered, contact persons and contact data. These I find conveniently in a PDF attached to the mail. 100 points!

Highlights are i) NO web address (except the same sender of the mail), ii) opening hours from 8:00 to 17:00 o'clock (except Friday earlier ;) and iii) the postal or fax contact for "for voucherable payment transactions" and the "EDI-accompanying slips".

Neuer Firmenkundenservice der Commerzbank