Phishing – Crimes in connection with phishing usually have considerable financial consequences for the victims of fraud.

The lawyers at Herfurtner are available to provide you with legal advice at our offices in Hamburg, Frankfurt am Main, Munich and throughout Germany. Read our warnings below to help you recognize phishing attacks and protect yourself against them.

Table of contents

Phishing – definition
Phishing mail – what is it?
9 signs of phishing scams
Recognizing phishing attempts by email
Unmasking phishing websites
How high is the risk of phishing?
Phishing – call in a lawyer

Phishing – definition

What is phishing? The term phishing comes from the English language (fishing) and means something like “fishing”. Phishing is about fraudsters using methods to obtain sensitive and personal data from their victims.

This data is then used to deprive the victim of their finances.

Common phishing methods include:

Access to Dropbox and other cloud services
Spying on professional data on LinkedIn or Xing and personal information on social media
Automatic redirection from a legitimate website to a fake plagiarism – if you enter your data here, it will end up with the fraudster
Obtaining company data by posing as a supposed CEO
Fraudsters pretend to be real companies and obtain your data in this way
Malicious links in emails

What is identity theft? Identity theft occurs when stolen data is used to impersonate the person from whom the data was stolen.

Criminals who make use of other people’s sensitive data often use this to conclude contracts or make expensive purchases in the name of their victims. But also to empty their accounts or take out loans, as well as to deceive the relatives and friends of the fraud victims and also to defraud them of money.

Phishing mail – what is it?

How do I recognize phishing e-mails, do I have to report them, how do I react correctly if I have opened a malicious link and how can I protect myself from such fraudulent messages? All these questions are becoming increasingly important in view of the rising number of phishing attacks by email.

It is not unusual for a fake email to appear to be genuine. Nevertheless, there are some signs by which you can recognize a phishing email.

Because phishing emails are fast, cheap and time-saving, they are frequently used by cybercriminals. Sending emails is completely free, and obtaining email addresses is child’s play. They can often be found freely accessible on websites, but also on business cards, advertising brochures and the like.

The use of e-mails also enables large-scale phishing attacks, as one and the same e-mail can be sent to numerous recipients at the same time.

This method gives fraudsters quick and easy access to confidential information and sensitive data – provided the recipients of the messages open them without thinking. Victims of phishing scams are at risk of malware infections, data theft and identity fraud if they fall for the scam.

The aim of the criminals is to illegally obtain:

Company data
customer data
Company and production secrets
Personal information such as credit card numbers
Account data of customers of financial institutions
Tax information
Medical records

Phishing attacks are also used to gain access to email, social media and other accounts. For example, access to networked systems, including point-of-sale terminals and order fulfillment systems, is one of the targets.

Phishing emails are often the cause of large, widespread data breaches reported in the press.

Cyber criminals can cause huge damage to businesses, individuals and even government agencies with a seemingly harmless email.

One example, which occurred 20 years ago but caused financial damage of 10 billion US dollars and thus remained in the global memory, is the virus-infected “I love you” emails.

How does phishing work?

Phishing emails often contain one or more of three types of malware:

Damaged web links,
malicious attachments or
fake data entry forms.

Phishing mail – you can recognize fraud by these 9 signs

In the following sections, we look at nine of the most common characteristics of phishing emails. If even a few of them appear in an email, it is a scam.

1. name? No way

Organizations or service providers you are in contact with always address you by name, never as “customer” or “user”. This is unusual and indicates a dubious sender. However, being addressed by name is not a clear indication of a trustworthy e-mail. There are also criminals who know the name of their scam victim and use it to lend their email trustworthiness by addressing it correctly.

2. inserted hyperlinks

Reputable organizations rarely send emails with links that the recipient has to click on. They will never ask you to log in via the link in an e-mail or to provide other sensitive data. So if you receive such an e-mail, do not comply with the requests in the message and do not click on the link. Notify the organization concerned and report the suspicious e-mail to the police and the consumer advice center if necessary.

Tip: Always enter the URL in the address bar of your browser. This is the best way to be sure that you are not being redirected to a fake website.

3. information about the sender in the source text

Phishing e-mails can sometimes be very well designed and deceptively genuine. However, even if the language style and sender initially appear legitimate, the email is not necessarily authentic. The sender details can also be forged.

You can check this by looking at the so-called “mail header”. This is where the sender’s Internet Protocol (IP) address is stored. Forgery-proof and able to identify the sender, this is the only possibility.

4. indication of information

Another warning signal is the request to enter personal data. Reputable organizations or service providers will not ask you to do this by e-mail.

5. Language style – grammatical and punctuation errors

Emails sent in bad German are the easiest to recognize as phishing emails. The vast majority of these messages were not originally written in German, but translated from another language.

Character set problems, such as Cyrillic characters or missing umlauts, are another telltale sign of such fraudulent emails.

6. formulations: Emphasis and firmness

Also be careful with emails that ask you to do something immediately or within a very short period of time. Especially if you are threatened with a consequence if you do not comply with this supposedly urgent action.

7. e-mails in languages other than German

E-mails that are written in a language other than the one you are used to can also be easily identified as phishing mail. If you have no contact with international organizations, it can be assumed that the correspondence is in your native language.

8. mails from a foreign organization

The email should be deleted if you receive one from an organization with which you have no business relationship.

9. apps, file attachments and URLs

Increasingly, phishing emails ask recipients to open a file that is either attached or can be downloaded via a link. You should never download or even open such a file if you receive it in an unexpected email.

Viruses and Trojans are often found in this type of file, so you should never open it. Not even if you are threatened with the closure of your account, the involvement of a debt collection agency or other invented reasons for creating an attachment.

You should be wary of any e-mail that contains a file attachment and/or a threat.

What are the signs of phishing scams in emails?

Have you received an e-mail with these characteristics – or some of them? Delete it immediately. The email is almost certainly a phishing attempt.

When a phishing email is sent in HTML format, the sender usually uses a fictitious email address to appear legitimate.

If this is the case, you can find out in various ways:

Look at the code of the HTML emails if you manage your emails with a browser. Instead of clicking on the sender’s name, you can simply hover over it with the mouse pointer. You can then check whether the sender line has a second address.

Detect phishing websites and protect yourself

From what you may have heard or read, a secure connection and a reputable website are identified by the abbreviation “https://” in the address field of your Internet browser.

In reality, the abbreviation means that the website operator has purchased an SSL certificate for its pages.

Phishing scammers, however, are increasingly using this tactic to give the impression of seriousness.

Therefore, “https://” no longer means a green light.

Precautionary measures include checking every link in an email or social media post before accessing it.

Phishing URLs are not just limited to banks. They can mimic any website or online service, including social networks, email services, online stores and more.

Here are some examples:

Social networks:

A phishing attempt could use a URL like “www.faceb00k.com” or “login-faceb00k.com” to mimic the legitimate Facebook URL “www.facebook.com”.

Email services:

A phishing URL could attempt to mimic the Gmail login page, for example using “www.gmail.login.com.user.abcdefg”.

Online stores:

Phishing URLs could try to imitate popular e-commerce websites. For example, “www.amaz0n.com” or “www.amazon-signin.com” could be used instead of the real URL “www.amazon.com”.

Differentiation from the vishing scam

Vishing is a form of social engineering that uses phone calls in an attempt to obtain private information. In contrast to phishing, where attempts are made to obtain confidential information via emails or websites, vishing uses telephone calls.

Vishing and phishing are two ways in which people exploit data in different ways to gain access to private information.

Phishing is a form of social engineering in which attackers use emails or intrusive pop-up windows to try to trick victims into revealing their personal information.

Vishing is a form of social engineering in which attackers use phone calls or voice messages to try to trick victims into revealing their personal information.

Both methods are often used to steal confidential user credentials, credit card information and other important data.

To protect themselves from phishing attacks, users should exercise caution when opening emails from unknown senders. They should also check the legitimacy of the email address they are replying to.

To protect themselves from vishing attempts, users should never answer calls or voice messages from unknown callers or callers asking strange questions.

Phishing in online banking: bank liability for losses

The phenomenon of phishing in online banking has increased in recent years, affecting both bank customers and the banks themselves. Digitalization has made our lives easier in many areas. But it also brings with it new dangers, such as phishing. Bank customers are also increasingly affected by this.

Any financial institution can be affected. Read this article to find out how you can protect yourself and your bank details from fraudsters. We also give you tips in case you are affected and would like to have your claims for compensation checked.

The bank’s liability for losses caused by phishing in online banking depends on various factors, including the customer’s and the bank’s duty of care, the circumstances of the particular case and the legal provisions.

Legal regulations and principles

In Germany, the legal basis for the bank’s liability for online banking phishing losses is set out in the German Civil Code (BGB) and the Payment Services Supervision Act (ZAG).

The relevant legal provisions include:

§ Section 675u BGB – Liability of the payer for unauthorized payment transactions
§ Section 675v BGB – Liability of the payment service provider for unauthorized payment transactions
§ Section 675x BGB – Liability of the payment service provider for misuse
§ Section 675y BGB – Liability of the payment service provider for use of an unauthorized payment instrument
§ Section 675z BGB – Liability of the payer in the event of loss, theft or misuse of a payment instrument
§ Section 44 ZAG – Liability for unauthorized payment transactions

Due diligence obligations of the bank customer

Bank customers have certain duties of care that they must fulfill in order to limit their liability for losses caused by phishing in online banking. These include, among other things

Confidentiality of the personal identification number (PIN) and other access data
Regular checking of account statements for irregularities
Use of security software and regular updating of systems
Observing the bank’s security instructions and implementing recommendations

If a customer fails to comply with their due diligence obligations, they may be liable for losses caused by phishing in online banking.

Liability of the bank for losses due to phishing

In principle, the bank is liable for unauthorized payment transactions unless the customer has intentionally or grossly negligently breached their duty of care. In such cases, the customer’s liability may be limited to a maximum of EUR 50, unless the customer has acted with intent, in which case the customer is liable for the full amount.

However, the bank can be released from its liability if it can prove that the customer breached their duty of care and that this breach was causal for the damage incurred.

How can I protect myself against phishing in online banking?

To protect yourself against phishing in online banking, you should take the following security measures:

Use strong passwords and change them regularly.
Watch out for suspicious emails, text messages or phone calls asking for your personal or financial information.
Check the sender of emails and look out for fake domains.
Never enter your bank details via a link in an e-mail or text message. Instead, access your online banking directly via the bank’s official website or app.
Install and update antivirus and security software on your devices regularly.
Find out about your bank’s current security advice and implement its recommendations.

How can I tell the difference between genuine bank emails and phishing attempts?

How can I tell the difference between genuine emails from my bank and phishing emails? Genuine bank emails and phishing attempts may look similar at first glance, but there are some clear distinctions. Firstly, banks will never email you asking you to enter personal details or passwords. Secondly, pay attention to the sender address: It should match your bank’s official domain and not contain any strange characters or misspellings.

In addition, phishing emails often contain spelling and grammatical errors, whereas genuine communications are professionally written. Finally, you should always be wary of unsafe links in the email: Hover over the link (without clicking) and check that the URL matches your bank’s official website. If in doubt, you should always contact the bank directly without using the links or telephone numbers provided in the e-mail.

What should I do if I have been affected by a phishing attack?

If you believe you have been the victim of a phishing attack, you should take the following steps immediately:

Contact your bank and inform them of the suspected phishing attack.
Change your online banking access data and passwords.
Check your account statements for suspicious activity and report it to your bank.
If necessary, report it to the police.
Also inform your friends and family so that they can protect themselves from similar attacks.

Can I claim compensation from the bank if I am the victim of a phishing attack?

Whether you can claim compensation from your bank depends on the circumstances of the individual case. In principle, the bank is liable for unauthorized payment transactions, unless you as a customer have intentionally or grossly negligently breached your duty of care. In such cases, the customer’s liability may be limited to a maximum of 50 euros, unless the customer has acted with intent, in which case the customer is liable for the full amount.

If you believe that your bank is liable for your losses due to a phishing attack, we recommend that you contact an experienced lawyer who can assist you in enforcing your claims.

Help for those affected by phishing online banking

Phishing in online banking is a serious problem that affects both bank customers and banks. The bank’s liability for losses caused by phishing depends on various factors, such as whether the customer and the bank have fulfilled their duty of care, the circumstances of the individual case and the statutory provisions.

To protect yourself from phishing attacks, it is important to be aware of online banking security measures and take appropriate precautions. If you do become a victim of a phishing attack, do not hesitate to contact your bank and take the necessary steps to minimize your financial losses and restore your online banking security.

If you have any questions about the bank’s liability for online banking phishing losses or how to enforce your claims, it is advisable to contact an experienced lawyer.

You can find out which banks and financial institutions can be affected by phishing attacks here.

Bank accounts and phishing: How do you recognize suspicious account transactions?

Phishing refund bank: Conspicuous account transactions can indicate phishing attacks, in which fraudsters try to obtain your personal and financial information.

You should take the following measures to recognize conspicuous account movements:

Check your bank statements regularly: Check your bank statements regularly for suspicious or unexplained transactions, such as unexpected debits or transfers you didn’t authorize.

Watch out for unusual amounts: If you see transactions that are unusually high or low or that don’t fit your usual spending patterns, investigate them more closely.

Check unknown recipients: Watch out for transfers or payments to recipients you don’t know or where you can’t see a reason for a payment.

Use notifications: Many banks offer notification services where you are notified of suspicious activity or transactions. Activate this function to be informed in good time about any suspicious account movements.

Monitor your credit card transactions: Also check your credit card transactions regularly to see if there are any unusual or unknown transactions.

Be careful with emails and messages: Be suspicious of emails, text messages or phone calls that ask you to give out personal information or click on links that supposedly lead to the bank. Never give out personal information such as passwords or PINs to unknown people.

Use strong passwords and security measures: Use strong passwords for your online banking and financial service providers and change them regularly. Protect your devices with antivirus software and keep your software and apps up to date.

If you notice any suspicious account activity or suspect that your account has been compromised, contact your bank immediately to report the problem and take appropriate action to protect your finances and personal information.

Recognizing phishing URLs: specific examples of suspicious domains

Phishing URLs that mimic the savings bank, for example, could be designed in a similar way to other phishing URLs. The scammers try to copy the savings bank URL as closely as possible, making small changes that can easily be overlooked.

Here are some examples of what a phishing URL trying to mimic Sparkasse might look like:

Change of domain: “www.sparkasse-online.com” instead of the actual URL “www.sparkasse.de”.
Adding a subdomain: “www.sparkasse.com.phishingwebsite.com” or “www.sparkasse.phishingwebsite.de”.
Inserting additional words or characters: “www.sparkasse-login.de” or “www.sparkase.de” (an “s” was omitted here).
Use of a long and complicated URL: “www.sparkasse.de.login.12345.user.abcdefg”.
Any time you see a URL that claims to belong to the savings bank or another online service but does not exactly match the real URL, you should consider it a potential phishing attempt. It is always safest to type the URL of the service directly into your browser’s address bar to make sure you are visiting the real website.

Fake phishing sites can be recognized, for example, by requesting a TAN without having made a transaction.

Man-in-the-middle phishing scam

Phishing attacks can be planned in such a way that they redirect users from one process to another. This is often referred to as a man-in-the-middle attack and is a common tactic in more advanced phishing attacks.

In the context of online banking, for example, it could look like this:

You receive a phishing email claiming to be from your bank and asking you to click on a link to log in.
When you click on the link, you land on a fake website that looks like your bank’s real website.
When you enter your login credentials, the attackers can capture this information in real time.
Now the attackers could try to get you to switch from one security method to another. For example, they might claim that the TAN method has been temporarily disabled due to security
concerns and that you need to use a different method instead. In reality, they are trying to get you to disclose more sensitive information, which they can then use for fraudulent purposes.
Many clients have reported this exact method of fraud to our law firm.

Many banks warn customers about phishing

Hanseatic Bank, for example, warns its customer base about the danger of phishing.

According to the information provided by the law firm Herfurtner from the Hanseatic Bank website, phishing e-mails could look like the following:

The sender’s address could contain spelling mistakes or special characters, for example info@hanseaticbank123.de.
Outdated bank logos could be used.
The address could be impersonal.
The message could contain a suspicious link or an attached file, especially zip files.
An urgent need for action could be suggested, prompting the recipient to click on a link that redirects them to a page where they are asked to enter confidential data.
With regard to phishing websites, Hanseatic Bank states that:

Any link in a message or on social networks should be checked carefully before being accessed. These links could redirect the user to pages that look very similar to the Hanseatic Bank login page. If login details are entered there, they could fall into the hands of fraudsters. Such pages often ask for further personal data or request the entry of a TAN or the release of identification.

A website with “https://” and a lock is often perceived as a trustworthy website. However, more and more phishing scammers are using these SSL certificates to give the appearance of trustworthiness.
The URL bar should be checked carefully. An Internet address that contains the name of the company in combination with unusual numbers could indicate a fake Internet address.
Phishing websites usually do not have a link to the imprint or a data protection page. If they do, the user should click on them and check where they are being redirected to.
Hanseatic Bank also offers useful security tips from its experts on its website https://www.hanseaticbank.de/hilfe-services/phishing, according to its own statement.

Deutsche Bank also informs customers about cyber attacks such as phishing on its website:

Deutsche Bank explicitly points out the danger of phishing on its website:

“Current security notice: new phishing emails in circulation

Deutsche Bank never requests more than one TAN per order in online banking. If you are asked to enter several TANs, cancel the process and inform us immediately. Inform us by calling the free telephone number 0800 – 8 128 128 or by sending an e-mail to: security.db@db.com.”

(Status: 08.05.2023, source of information)

Oyak Anker Bank refers to phishing problem

Oyak Anker Bank has published some important information and advice on IT security on its website. It points out that fraud attempts on the Internet and especially in online banking are increasing. The bank therefore advises users to remain vigilant at all times and not to open any unknown e-mails or file attachments. It also provides information on the latest scams and has compiled up-to-date security advice.

The bank specifically warns against phishing emails, which have become increasingly common since 2016. The aim of these phishing emails is to steal personal data from internet users and, for example, make unlawful account debits.

In the rules of conduct and measures to avoid phishing, Oyak Anker Bank emphasizes that you can end up on fake websites if you click on the link of such an email. You should therefore always check the URL for spelling mistakes. You should also be careful with unknown e-mails and file attachments, as they often conceal encryption Trojans.

The bank also points out that cyber criminals are taking advantage of the coronavirus crisis to intensify their fraud attempts. It warns against fake emails claiming to be from the savings bank and demanding that personal data be entered.

The bank generally advises customers not to open unknown files, to check the origin of emails and to thoroughly scrutinize both the sender and any links contained in them. It also provides a list of potential threats to protect its customers from future attempts at fraud.

Another security notice relates to crypto Trojans. The bank explains that ransomware – also known as blackmail Trojans, crypto Trojans or encryption Trojans – are malicious programs that criminals use to encrypt files and drives in order to extort ransom.

The bank advises users to minimize the risk of infection by always keeping their virus protection up to date, making regular backups of important data on external data carriers and not opening unknown emails or email attachments. The operating system and web browser should also be updated regularly.

Affected by a phishing attack – what to do?

If you are affected by a phishing attack on your bank account, act immediately and follow these steps:

Contact a lawyer: A lawyer can help you assert your legal claims against the fraudsters or the bank and support you in settling the claim.
Inform your bank: Contact the financial institution concerned immediately and inform them of the incident. It may be possible to stop or reverse transactions.
Change your passwords: Immediately change your passwords for all affected online accounts, especially for online banking.
Report it to the police: Report it to the police and pass on all relevant information about the phishing attack.
Inform others affected: Share your experiences with friends, family and colleagues to inform them about the phishing attack and protect them from similar attacks.

Phishing refund bank: claim money back with a lawyer

You should consider seeking legal help with phishing in the following situations:

1. if you have already been the victim of a phishing attack and have given out personal information, bank or credit card details.

2. if you have suffered financial losses as a result of a phishing attack, for example if money has been taken from your account or your credit card has been misused.

3. if you are affected by identity theft, i.e. if someone uses your personal data to impersonate you and, for example, conclude contracts in your name or take out loans.

4. if you have legal questions about phishing or data security, such as how you can best protect yourself or what legal steps you should take to protect yourself or your company from phishing attacks.

5. if you have discovered a suspicious email or website that may be phishing and you want to take legal action against those responsible.

In such cases, a lawyer can help you protect your rights, take the necessary measures to protect your personal data and financial resources, and possibly claim damages. In addition, a lawyer can also assist you in cooperating with the relevant authorities to put a stop to the phishing scammers.

Phishing refund bank – legal advice for affected bank customers

Phishing and other forms of online fraud are a serious threat. By better understanding the methods of fraud, taking preventative measures and acting quickly in the event of an attack, you can better protect yourself and your assets. If you are the victim of a phishing attack, do not hesitate to seek professional help from banks, law enforcement agencies and lawyers.

If you have been the victim of a phishing attack and have suffered financial losses, it may be advisable to consult a lawyer. The lawyer can help you to better understand your rights and obligations in this situation and clarify whether and how you can get your money back. They will also take over the correspondence with your bank.

3 reasons why you should contact a lawyer instead of communicating directly with the bank:

Knowledge and expertise: a lawyer has the legal knowledge to analyze and evaluate your situation. He or she can educate you about your legal options and help you develop a strategy to get your money back.

Communication: The lawyer can communicate with the bank on your behalf and ensure that your interests are properly represented. It can be difficult to negotiate such matters with a bank without legal knowledge. Certain wording can quickly be interpreted as an admission of guilt, which can jeopardize your claims for compensation as the person affected.

Protecting your rights: A lawyer can ensure that your rights are protected throughout the process. There may be cases where the bank tries to shift the blame onto you or get you to give up certain rights. A lawyer can prevent this and ensure that you are treated fairly.

However, there may also be situations where it is appropriate to speak to the bank directly. For example, if you realize early on, before any damage has been done, that you have received a phishing email, you should immediately forward it to your bank without responding to the email. In any case, it is important to act quickly to minimize potential damage.

Phishing and data theft – how high is the risk?

It is estimated that at least tens of millions of euros are lost every year in Germany as a result of targeted phishing attacks.

The BKA’s annual situation report provides the latest figures on cybercrime.

Depending on the target, consumers are at different levels of risk from phishing attacks: For example, anyone who is tricked into entering their credit card details on a fake bank website gives the fraudsters everything they need to make a massive online purchase.

Using stolen account details, fake websites of online mail order companies try to make purchases for the benefit of their owners.

Phishing therefore poses a significant risk of financial loss.

Furthermore, malware-infected file attachments in phishing emails pose an additional threat: Every careless click on one of these dangerous files leads to infection with a malicious program, usually unnoticed by the user.

A Trojan, a bot or ransomware are examples of this.

What can victims of fraud do?

More and more phishing victims are contacting our law firm seeking help and asking to speak to one of our lawyers.

We have been working in the field of internet fraud for some time and we know how important it is to look at each individual case. Each case and the circumstances of phishing are unique.

If you need help as a result of a phishing attack, please do not hesitate to contact us. For example, we can help you communicate with your bank – with the aim of getting your money back.

An experienced phishing lawyer must also be up to date with the latest case law. Many phishing cases end up in court because the banks do not want to be held responsible. Instead of paying, they often end up suing. Each time, a large sum of money is at stake for the financial institution.

Which banks in Germany can be affected by phishing attacks?

In principle, any bank that offers online banking services can be the target of a phishing attack.

Some of the largest banks in Germany that could potentially be affected are:

Aareal Bank
Bankhaus Lampe
Bankhaus Metzler
Bank of Scotland
Bayerische Landesbank
BayernLB
Commerzbank
Degussa Bank
DekaBank
Deutsche Bank
Düsseldorfer Hypothekenbank
DVB Bank
DZ Bank
Fidor Bank
FMS Wertmanagement
Hamburg Commercial Bank
Helaba
IKB – Deutsche Industriebank
ING-DiBa
KfW Bankengruppe
Landesbank Baden-Württemberg (LBBW)
Landesbank Berlin (LBB)
Landesbank Saar (SaarLB)
Mercedes-Benz Bank
National-Bank
Netbank
Norddeutsche Landesbank
Norisbank
Portigon AG
Postbank
ProCredit Bank
PSD Bank
Quirin Privatbank
ReiseBank
Santander Consumer Bank AG
Sparda-Bank
Targobank
UniCredit Bank AG
Varengold Bank
Volksbank Raiffeisenbank
Volkswagen Bank
VON ESSEN Bank
Wüstenrot Bank
1822direkt
N26

The savings bank with its numerous branches can also be affected by phishing:

Sparkasse Aachen
Kreissparkasse Ostalb
Sparkasse Westmünsterland
Sparkasse Aichach-Schrobenhausen
Sparkasse Altenburger Land
Sparkasse Amberg-Sulzbach
Erzgebirgssparkasse
Sparkasse Ansbach
Sparkasse Arnsberg-Sundern
Sparkasse Aschaffenburg-Alzenau
Sparkasse Attendorn-Lennestadt-Kirchhundem
Stadtsparkasse Augsburg
Sparkasse Aurich-Norden
Sparkasse Wittgenstein
Sparkasse Rhein-Haardt
Sparkasse Bad Hersfeld-Rotenburg
Taunus Sparkasse
Sparkasse Bad Kissingen
Sparkasse Rhein-Nahe
Sparkasse Westerwald-Sieg
Kreissparkasse Ahrweiler
Sparkasse Bad Neustadt a. d. Saale
Sparkasse Bad Oeynhausen – Porta Westfalica
Sparkasse Holstein
Stadtsparkasse Bad Pyrmont
Sparkasse Berchtesgadener Land
Sparkasse Bad Tölz-Wolfratshausen
Sparkasse Baden-Baden Gaggenau
Sparkasse Zollernalb
Sparkasse Bamberg
Stadtsparkasse Barsinghausen
Sparkasse Battenberg
Kreissparkasse Bautzen
Sparkasse Bayreuth
Sparkasse Beckum-Wadersloh
Sparkasse Bensheim
Sparkasse Bergkamen-Bönen
Berliner Sparkasse
Sparkasse Mittelmosel – Eifel Mosel Hunsrück
Kreissparkasse Bersenbrück
Kreissparkasse Biberach
Sparkasse Bielefeld
Kreissparkasse Bitburg-Prüm
Kreissparkasse Anhalt-Bitterfeld
Kreissparkasse Böblingen
Stadtsparkasse Bocholt
Sparkasse Bochum
Sparkasse Bonndorf-Stühlingen
Bordesholmer Sparkasse AG
Stadtsparkasse Borken (Hessen)
Sparkasse Bottrop
Braunschweigische Landessparkasse
Teilrechtsfähige Anstalt der Nord/LB
Sparkasse Bremen AG
Weser-Elbe-Sparkasse
Sparkasse Hochsauerland
Sparkasse Kraichgau Bruchsal-Bretten-Sinsheim
Sparkasse Bühl
Sparkasse Burbach-Neunkirchen
Stadtsparkasse Burgdorf
Sparkasse im Landkreis Cham
Sparkasse Chemnitz
Sparkasse Coburg – Lichtenfels
Sparkasse Spree-Neiße
Stadtsparkasse Cuxhaven
Sparkasse Dachau
Stadt- und Kreis-Sparkasse Darmstadt
Kreissparkasse Vulkaneifel
Sparkasse Deggendorf
Stadtsparkasse Dessau
Sparkasse Paderborn-Detmold-Höxter
Kreissparkasse Grafschaft Diepholz
Sparkasse Dillenburg
Sparkasse Dillingen-Nördlingen
Kreissparkasse Döbeln
Sparkasse Donauwörth
Sparkasse Dortmund
Ostsächsische Sparkasse Dresden
Sparkasse Duderstadt
Sparkasse Duisburg
Sparkasse Düren
Kreissparkasse Düsseldorf
Stadtsparkasse Düsseldorf
Sparkasse Barnim
Sparkasse Rottal-Inn
Sparkasse Einbeck
Wartburg-Sparkasse
Sparkasse Elmshorn
Sparkasse Emden
Sparkasse Engen-Gottmadingen
Sparkasse Odenwaldkreis
Kreis- und Stadtsparkasse Erding-Dorfen
Sparkasse Mittelthüringen
Kreissparkasse Heinsberg
Stadt- und Kreissparkasse Erlangen Höchstadt Herzogenaurach
Sparkasse Werra-Meißner
Sparkasse Essen
Kreissparkasse Esslingen-Nürtingen
Kreissparkasse Euskirchen
Sparkasse Elbe-Elster
Nord-Ostsee Sparkasse
Sparkasse Forchheim
Frankfurter Sparkasse
Sparkasse Oder-Spree
Sparkasse Mittelsachsen
Sparkasse Freiburg-Nördlicher Breisgau
Sparkasse Freising Moosburg
Kreissparkasse Freudenstadt
Sparkasse Freyung-Grafenau
Sparkasse Oberhessen
Sparkasse Bodensee
Sparkasse Fulda
Sparkasse Fürstenfeldbruck
Sparkasse Fürth
Kreissparkasse Gelnhausen
Sparkasse Gelsenkirchen
Sparkasse Gera-Greiz
Sparkasse Geseke
Sparkasse an Ennepe und Ruhr
Sparkasse Gießen
Sparkasse Celle-Gifhorn-Wolfsburg
Sparkasse Gladbeck
Kreissparkasse Göppingen
Kreissparkasse Gotha
Sparkasse Göttingen
Stadtsparkasse Grebenstein
Sparkasse Vorpommern
Sparkasse Muldental
Kreissparkasse Groß-Gerau
Sparkasse Dieburg
Sparkasse Grünberg
Sparkasse Gummersbach
Sparkasse Günzburg-Krumbach
Vereinigte Sparkassen Gunzenhausen
Sparkasse Gütersloh-Rietberg-Versmold
Stadt-Sparkasse Haan (Rheinl.)
Sparkasse an Volme und Ruhr
Saalesparkasse
Kreissparkasse Halle (Westf.)
Stadtsparkasse Haltern am See
Hamburger Sparkasse AG
Sparkasse Harburg-Buxtehude
Sparkasse Hameln-Weserbergland
Sparkasse Hamm
Sparkasse Hanau
Sparkasse Hannover
Sparkasse Kinzigtal
Sparkasse Hattingen
Sparkasse Heidelberg
Kreissparkasse Heidenheim
Kreissparkasse Heilbronn
Sparkasse Märkisches Sauerland Hemer–Menden
Sparkasse Starkenburg
Sparkasse Herford
Herner Sparkasse
Kreissparkasse Hildburghausen
Sparkasse Hildesheim Goslar Peine
Kreissparkasse Saarpfalz
Kreissparkasse Steinfurt
Kreissparkasse Birkenfeld
Sparkasse Arnstadt-Ilmenau
Sparkasse Ingolstadt Eichstätt
Sparkasse Iserlohn
Sparkasse Westholstein
Sparkasse Jena-Saale-Holzland
Sparkasse Kaiserslautern
Sparkasse Karlsruhe
Kasseler Sparkasse
Kreis- und Stadtsparkasse Kaufbeuren
Sparkasse Hanauerland
Kreissparkasse Kelheim
Sparkasse Allgäu
Förde Sparkasse
Sparkasse Kierspe-Meinerzhagen
Sparkasse Rhein-Maas
Sparkasse Koblenz
Kreissparkasse Köln
Sparkasse KölnBonn
Sparkasse Waldeck-Frankenberg
Sparkasse Krefeld
Sparkasse Kulmbach-Kronach
Sparkasse Hohenlohekreis
Kreissparkasse Kusel
Sparkasse Südpfalz
Sparkasse Landsberg-Dießen
Sparkasse Landshut
Stadt-Sparkasse Langenfeld
Sparkasse Laubach-Hungen
Sparkasse LeerWittmund
Kreissparkasse Eichsfeld
Sparkasse Leipzig
Sparkasse Lemgo
Stadtsparkasse Lengerich
Sparkasse Leverkusen
Kreissparkasse Limburg
Sparkasse Hellweg-Lippe
Sparkasse Lörrach-Rheinfelden
Sparkasse zu Lübeck AG
Kreissparkasse Ludwigsburg
Sparkasse Vorderpfalz
Sparkasse Lüneburg
Sparkasse an der Lippe
Sparkasse Mansfeld-Südharz
Sparkasse Wittenberg
Sparkasse Magdeburg
Rheinhessen Sparkasse
Sparkasse Rhein Neckar Nord
Sparkasse Marburg-Biedenkopf
Kreissparkasse Mayen
Rhön-Rennsteig-Sparkasse
Kreissparkasse Melle
Kreissparkasse Schwalm-Eder
Sparkasse Schwaben-Bodensee
Sparkasse Emsland
Sparkasse Merzig-Wadern
Sparkasse Mitten im Sauerland
Kreissparkasse Miesbach-Tegernsee
Sparkasse Miltenberg-Obernburg
Sparkasse Minden-Lübbecke
Sparkasse am Niederrhein
Kreissparkasse Herzogtum Lauenburg
Stadtsparkasse Mönchengladbach
Sparkasse Neckartal-Odenwald
Sparkasse Altötting-Mühldorf
Sparkasse Unstrut-Hainich
Sparkasse Mülheim an der Ruhr
Stadtsparkasse München
Kreissparkasse München Starnberg Ebersberg
Sparkasse Münsterland Ost
Sparkasse Neubrandenburg-Demmin
Sparkasse Neuburg-Rain
Sparkasse Neumarkt i.d.OPf.-Parsberg
Sparkasse Südholstein
Sparkasse Neunkirchen
Sparkasse Ostprignitz-Ruppin
Sparkasse Neuss
Sparkasse im Landkreis Neustadt a. d. Aisch – Bad Windsheim
Vereinigte Sparkassen Eschenbach i.d.OPf. Neustadt a.d.Waldnaab Vohenstrauß
Sparkasse Mecklenburg-Strelitz
Sparkasse Neu-Ulm – Illertissen
Sparkasse Neuwied
Sparkasse Nienburg
Kreissparkasse Nordhausen
Kreissparkasse Grafschaft Bentheim zu Nordhorn
Kreis-Sparkasse Northeim
Sparkasse Nürnberg
Stadtsparkasse Oberhausen
Sparkasse Offenbach
Sparkasse Offenburg/Ortenau
Landessparkasse zu Oldenburg
Sparkasse Olpe-Drolshagen-Wenden
Kreissparkasse Börde
Sparkasse Osnabrück
Sparkasse Osterode am Harz
Sparkasse Uecker-Randow
Sparkasse Passau
Sparkasse Pfaffenhofen
Sparkasse Pforzheim Calw
Sparkasse Pfullendorf-Meßkirch
Sparkasse Südwestpfalz
Sparkasse Vogtland
Vereinigte Sparkasse im Märkischen Kreis
Mittelbrandenburgische Sparkasse in Potsdam
Sparkasse Uckermark
Sparkasse Prignitz
Sparkasse Radevormwald-Hückeswagen
Stadtsparkasse Rahden
Sparkasse Rastatt-Gernsbach
Kreissparkasse Ravensburg
Sparkasse Vest Recklinghausen
Sparkasse Regen-Viechtach
Sparkasse Regensburg
Bezirkssparkasse Reichenau
Stadtsparkasse Remscheid
Sparkasse Mittelholstein AG
Kreissparkasse Reutlingen
Kreissparkasse Wiedenbrück
Stadtsparkasse Rheine
Sparkasse Meißen
Sparkasse Schaumburg
Sparkasse Donnersberg
Sparkasse Rosenheim-Bad Aibling
OstseeSparkasse Rostock
Sparkasse Mittelfranken-Süd
Kreissparkasse Rottweil
Kreissparkasse Saalfeld-Rudolstadt
Sparkasse Saarbrücken
Kreissparkasse Saarlouis
Sparkasse Salem-Heiligenberg
Sparkasse Altmark West
Sparkasse St. Blasien
Kreissparkasse St. Wendel
Sparkasse Scheeßel
Kreissparkasse Saale-Orla
Kreissparkasse Schlüchtern
Sparkasse Wiesental
Sparkasse Schwäbisch Hall-Crailsheim
Stadtsparkasse Schwalmstadt
Sparkasse im Landkreis Schwandorf
Stadtsparkasse Schwedt
Sparkasse Schweinfurt-Haßberge
Sparkasse Schwelm-Sprockhövel
Sparkasse Mecklenburg-Schwerin
Sparkasse Hochfranken
Sparkasse Langen-Seligenstadt
Sparkasse Niederlausitz
Sparkasse Siegen
Hohenzollerische Landesbank Kreissparkasse Sigmaringen
Kreissparkasse Rhein-Hunsrück
Sparkasse Hegau-Bodensee
Stadt-Sparkasse Solingen
Kreissparkasse Soltau
Kyffhäusersparkasse Artern-Sondershausen
Sparkasse Sonneberg
Kreissparkasse Stade
Sparkasse Stade-Altes Land
Salzlandsparkasse
Sparkasse Staufen-Breisach
Kreissparkasse Stendal
Sparkasse Niederbayern-Mitte
Sparkasse Märkisch-Oderland
Kreissparkasse Syke
Sparkasse Tauberfranken
Sparkasse Hochschwarzwald
Kreissparkasse Traunstein-Trostberg
Sparkasse Trier
Kreissparkasse Tübingen
Kreissparkasse Tuttlingen
Sparkasse Uelzen Lüchow-Dannenberg
Sparkasse Ulm
Sparkasse UnnaKamen
Sparkasse Hilden-Ratingen-Velbert
Kreissparkasse Verden
Sparkasse Schwarzwald-Baar
Kreissparkasse Waiblingen
Sparkasse Hochrhein
Kreissparkasse Fallingbostel in Walsrode
Müritz-Sparkasse
Kreis- und Stadtsparkasse Wasserburg am Inn
Stadtsparkasse Wedel
Sparkasse Oberpfalz Nord
Sparkasse Markgräflerland
Kreissparkasse Weilburg
Sparkasse Oberland
Stadtsparkasse Wermelskirchen
Harzsparkasse
Niederrheinische Sparkasse RheinLippe
Sparkasse Wetzlar
Nassauische Sparkasse
Sparkasse Wilhelmshaven
Sparkasse Mecklenburg-Nordwest
Sparkasse Witten
Sparkasse Wolfach
Stadtsparkasse Wunstorf
Stadtsparkasse Wuppertal
Sparkasse Mainfranken Würzburg
Sparkasse Burgenlandkreis
Sparkasse Rotenburg Osterholz
Sparkasse Oberlausitz-Niederschlesien
Sparkasse Zwickau