Fake Messages for Data Theft (Phishing)

Phishing is a cyber attack where the attacker sends fake messages with the intention of obtaining sensitive data.

How does a phishing attack occur?

A phishing attack usually starts with an email that at first glance looks like it was sent by a service provider. The attacker wants to create a sense of urgency by threatening to restrict access to services or banking funds if no immediate action is taken. This is to convince the recipient to:

• either click on a link and enter certain data,
• or open a malicious attachment.

The malicious link leads to a false website, which uses the graphic elements of the service provider to give an impression of credibility. It often mimics a login page with input fields where the user is supposed to enter their system login details (e.g., in My NEOSERV). In reality, however, the fake website forwards the data to the attackers.

How to recognize a fake message Report on phishing attacks Frequently Asked Questions

How to recognize a fake message?

The sender's email address is unknown or unusual.
Therefore, it does not match the domain actually used by the service provider.

The message differs in certain elements (graphic design, communication style)
from the messages you typically receive from the provider.

The content of the message is written in a way that creates a sense
of urgency and encourages immediate action.

The text often contains grammatical errors or unusual characters.

The link visible in the message directs the user
to an unknown website or domain.

Report on phishing attacks

A list of the latest email attacks where the sender falsely presented themselves as NEOSERV.

12.03.2025 @ 04:50 Prosimo, preverite naslov svojega računa

Sender name:	Podpora NEOSERV
Sender email:	w@artatelier.ch / y@artatelier.ch / z@tmrz.ch
Email subject:	Prosimo, preverite naslov svojega računa
Email screenshot:

11.04.2025 @ 09:40 Prekinjena naročnina zaradi neuspešnega plačila – posodobite podatke o plačilu

Sender name:	Neoserv
Sender email:	noreply@connectto.com
Email subject:	Prekinjena naročnina zaradi neuspešnega plačila – posodobite podatke o plačilu
Email screenshot:

21.04.2025 @ 14:40 Vaše plačilo ni uspelo – obnovite dostop do svoje naročnine

Sender name:	NEOSERV
Sender email:	kunden-support1@looprevier.ch / support@joinomba.org
Email subject:	Vaše plačilo ni uspelo – obnovite dostop do svoje naročnine
Email screenshot:

11.06.2025 @ 15:20 Obvestilo: Vaš račun je v stanju začasne prekinitve

Sender name:	NEOSERV Podpora
Sender email:	a-podpora@markovichauswart.ch
Email subject:	Obvestilo: Vaš račun je v stanju začasne prekinitve
Email screenshot:

22.08.2025 @ 16:20 Zahtevana je obnova domene

Sender name:	Podpora NEOSERV
Sender email:	f@reysulivan.com / g@reysulivan.com / k@reysulivan.com
Email subject:	Zahtevana je obnova domene
Email screenshot:

09.09.2025 @ 12:25 Zahtevana je obnova domene

Sender name:	Podpora NEOSERV
Sender email:	d@typolix.ch
Email subject:	Zahtevana je obnova domene
Email screenshot:

11.09.2025 @ 11:40Hitro posodobite podatke o plačilu in nadaljujte brez prekinitve

Sender name:	Podpora za naročnine
Sender email:	c@kleines-amt.ch
Email subject:	Hitro posodobite podatke o plačilu in nadaljujte brez prekinitve
Email screenshot:

15.01.2026 @ 10:38Začasna prekinitev naročnine zaradi težave pri plačilu

Sender name:	Plačilna podpora
Sender email:	info@mails.vpartners.ch
Email subject:	Začasna prekinitev naročnine zaradi težave pri plačilu
Email screenshot:

20.01.2026 @ 13:32Akce nutná – Vaše platba nebyla zpracována

Sender name:	Plačilna podpora
Sender email:	webmaster@peteshapter.co.uk
Email subject:	Akce nutná – Vaše platba nebyla zpracována
Email screenshot:

Additional protection for the subscriber center

Enable two-factor authentication (2FA) in the subscriber center My NEOSERV.

Select the My Details tab
and click the Enable 2FA Login button

Follow the instructions
to activate 2FA

MALICIOUS EMAILS

Fake Messages for Data Theft (Phishing)

How does a phishing attack occur?

How to recognize a fake message?

Check the sender's address

Caution with links

Report on phishing attacks

Additional protection for the subscriber center

Frequently Asked Questions