Fraudulent QR Codes – Twint Fake Portals Used to Empty Bank Accounts

by BezugssystemCH1903

2 comments
  1. Translation:

    >__Fraudulent QR Codes – Twint Fake Portals Used to Empty Bank Accounts__

    >__Fraudsters lure their victims via QR code to fake Twint portals. This way, they steal login data and empty bank accounts.__

    >They are useful, convenient, and ubiquitous: QR codes. But they can be a trap. Behind the black-and-white codes, fraudulent organizations may be hiding. Ludmilla R. experienced this firsthand. She wanted to sell a table on the classifieds platform Tutti.ch. A woman named Nicole contacted her: “She wrote that Tutti also offered courier services. I thought: wow, great service!”

    >Shortly after, Ludmilla R. received a QR code via WhatsApp along with a link and instructions: she needed to log in, fill out a form, and then she could collect the payment.

    >__One Click into Disaster__

    >“The QR code led me to a site with Twint portals from various banks,” Ludmilla R. recalls. “I clicked on my own bank, Migros Bank, and entered the code I usually use to log in.” She didn’t realize that the link—seemingly from the bank—led to a fraudulent website. This allowed the fraudsters to obtain the data she entered, giving them access to her Twint account.

    >And it didn’t stop there. The fraudsters asked for more information, including credit card details. That’s when Ludmilla R. became suspicious. “At that moment, I got suspicious. I put the phone down, logged into my bank account on the computer, and saw money was missing: there were 440 francs in the account, and they took 420.”

    >__No Help on the Weekend__

    >It was Saturday evening when Ludmilla R. realized she had been scammed. She immediately filed an online police report and contacted her bank to block Twint. That was all she could do: Migros Bank does not operate a hotline on Saturday evenings or Sundays.

    >The same weekend, Marco P. was also targeted. He wanted to sell a DVD player via Tutti.ch. He too received a QR code via WhatsApp from a supposed buyer, again leading to the fake Twint site. The fraudsters stole 3000 francs from his account at the Ticino Cantonal Bank. “Unfortunately, it happened on a Sunday. I tried to contact the bank by phone, but that’s not possible on weekends.”

    >>__What the Banks Say About the Demand for 24/7 Helplines__

    >>__Migros Bank:__ “We continuously review the hours of availability of our hotline and may make adjustments if needed. If a customer disclosed their confidential login data and their Twint account was taken over through fraudulent reboarding, one possible countermeasure is to transfer the money from the linked account to another bank account as quickly as possible.”

    >>__Ticino Cantonal Bank:__ “Our policy aligns with the practices of other Twint member banks. Additionally, 24/7 support wouldn’t have changed the outcome, as the fraud occurred within minutes due to the sharing of sensitive customer data linked to the Twint account.”

    >>__Twint:__ “Each issuing bank is responsible for how they organize their customer support and how extensively it is available. Twint is a very secure payment method: all users are securely authenticated through their bank. Unlike cards, access to the app is double-protected. To make payments, users must first unlock their smartphone and then unlock the Twint app. Customers can also enable biometric unlocking for the app.”

    >While banks are closed over the weekend, criminals strike: they take control of Twint accounts, make purchases, and transfer money from one account to another multiple times. Through repeated transfers, they launder their illicit gains.

    >__Banks Show Little Goodwill__

    >“Fraudsters create hundreds or even thousands of versions of such sites, since they are only online for a few hours,” explains Ivano Somaini, cybersecurity expert at Compass Security Switzerland AG. There are also fake sites for Booking.com, the postal service, and many other companies. “If victims enter their login information there, it’s like handing your car keys to a fake parking attendant.”

    >The affected banks refused to reimburse Ludmilla R. and Marco P., citing the customers’ duty of care stated in the terms and conditions. But for customers, it’s becoming increasingly difficult to detect such sophisticated fraud schemes. 

    >When scammed, they feel abandoned by their banks: “At the very least, every bank should offer a 24/7 helpline for this kind of fraud,” say Ludmilla R. and Marco P.

  2. It’s more and more common. I got a fake email to follow up with my tax report, but it was completely bogus with a fake QR code.
