How the modern data rip-off works with a well-known scam

A parcel from DHL? Sounds harmless. But this is exactly how a digital catastrophe begins that has already affected around 900,000 people worldwide. The message on the smartphone looks genuine, the logo familiar, the link professional. But instead of a parcel, only one thing is waiting: a perfectly fake page that wants your credit card details.

And anyone who falls for it is quickly out several hundred euros - often even more. The phishing scam is not new, but its technical implementation is now so good that even IT professionals have to be careful.

The shadow world of Darcula: who is really behind the scam

As an international investigation by Bayerischer Rundfunk, NRK (Norway) and Le Monde (France) shows, behind the phishing scam is a thoroughly organized criminal network with around 600 participants in over 130 countries. The mastermind behind it: Yucheng C., a 24-year-old Chinese man with the alias "Darcula".

He has developed the "Magic Cat" software - a kind of phishing construction kit that can be rented for a few hundred dollars a week. With just a few clicks, you can create deceptively real websites for large companies. Included in the package: fakes for over 300 brands, including DHL, Telekom, Hermes and even the GEZ website in Germany.

And the system works: 13 million clicks in seven months, over 880,000 data records stolen, i.e. almost every 14th message a hit. That's more efficient than any spam filter.

Authorities? Prefer to observe rather than act

The Federal Criminal Police Office (BKA) has known about it since October 2024. But instead of investigating, it is observing for the time being. The official reason: International cooperation is difficult, especially without clear treaties. In short: the perpetrators are based in Asia and the police in Germany are powerless - or want to be.

DHL itself also remains silent. In response to questions about cyber security, the company "generally does not want to comment". This is despite the fact that thousands of complaints about phishing text messages have long since been documented: The damage is real - and happens every day.

What makes "Magic Cat" so dangerous

The tool is not a hacker trick for nerds, but a service like Netflix: anyone who pays enough can log in and create fake websites at the click of a mouse. The scammers use SMS, iMessage or RCS to lure their victims - and boast in internal chats that they send tens of thousands of messages per day.

The pages look deceptively real, especially on a smartphone. And many people realize the scam too late - until it comes to the money.

Digitalization meets digital failure

We have known for years that phishing is dangerous. But the fact that the authorities are not actively investigating, even though the perpetrators and tools are known, is a scandal. State-of-the-art technology is being used to deceive people - and the response is old-fashioned excuses.

The fact that a 24-year-old software developer is leading entire countries around by the nose with a phishing kit shows that cybercrime is not a nerd fantasy - but a business model. And one that only works because banks, authorities and companies prefer to remain silent rather than act.

What you can do: Not only avoid links - but also hold those responsible to account. Those who use technical means to steal millions must no longer remain untouchable. Just stand by and watch? That is not an option.