How to recognise
scams!
Types of fraud
Since the Coronavirus pandemic, card transactions have increased massively. This attracts fraudsters who try to steal money from their victims with constantly evolving scams. We present the most common ones. Further information on important terms related to card fraud or on current fraud issues can be found in the glossary.
1. Phishing
In most fraud attempts, potential victims are lured to so-called phishing sites. To do this, scammers send text messages or emails to their victims, who are asked to follow a link in the message. Clicking on the link takes you to a fake page. There, the fraudsters try to obtain as much personal information as possible, including: Name, date of birth, credit card number, expiry date. With this data, the perpetrators are later able to steal victims’ money.
Video: What is Phishing?
Was tut die Polizei gegen Kartenbetrug?
One and the same scam
Phishing attacks often differ in terms of presentation and tone. However, the principle behind them is always the same. Three affected people report on what happened to them.
Tip
If you are unsure whether a message is phishing, check the sender’s email address.
What can I do?
- Do not click on links or open attachments.
- Pay attention to atypical sender addresses, spelling mistakes and logos.
- Only visit trustworthy websites (https://).
- Check the trader's general terms and conditions.
- Always use 3-D Secure for payments
- Check payment requests with the payee.
- Do not release payment confirmations until the amount and retailer name have been verified.
- Always remember: financial institutions never tell you about unusual account developments via email.
- Keep your web browser and operating system up-to-date.
2. Pharming
This type of fraud is related to phishing. Users enter a correct web address but fail to notice they have been redirected to a fake page. This is achieved with the help of a virus or a Trojan horse. As with phishing, victims are then asked to enter personal data and card information. Once they have this information, the way is open for the fraudsters to steal money without any problems. The type of fraud is called "pharming" because the fraudsters often operate entire server farms with fake websites in the background.
What can I do?
- Access only secure pages that begin with https://.
- Watch out for untypical sender addresses, spelling mistakes and dodgy logos.
- After you input the website (URL), check the web address again. Has access been diverted?
3. Carding
In carding, perpetrators use stolen or falsified card information to make online purchases or withdraw money from ATMs. When doing this they deliberately target cards with very weak security systems or they deliberately buy from online shops with weak security systems. The data were collected illegally beforehand through phishing fraud, data protection violations or skimming, and were sold on carding forums, mostly on the dark net. Victims often find out about the fraud only once the money has already been stolen from them. Months can often pass between the time the data were stolen and the actual fraud is committed.
What can I do?
- Use only cards with two-factor authentication
- Use strong passwords
- Use secure websites for online purchases (https://)
- Only use online shops that have the "Trusted Shops" label
- Check the trader's general terms and conditions
- Keep your devices and software up to date at all times
- Never give out personal data lightly or to strangers.
- Avoid public Wi-Fi networks, or use a VPN connection to secure your transactions
- Check movements on your account, and report any suspicious transactions
Scamming
In scamming, fraudsters try to lure their victims with particularly tempting offers: great romance, fast money, or the dream job. In essence, however, these advances are all aimed simply at one thing - taking money out of the victims' pockets. The scammers use pretexts and empty promises to get their victims to make advance payments. This fraudulent scam appears in various forms: Fraud with fake love (Romance Scam), fraud with false promises of money (Investment Scam), fraud with flat offers (Flatmate or Holiday Scam), fraud with the dream job (Employment Scam) or promises of lottery winnings (Lottery Scam).
What can I do?
- Distrust messages from unknown senders
- Foreign language messages or messages with spelling mistakes, impersonal salutations, pompous promises and the like are particularly suspicious
- Do not reply to suspicious e-mails, just delete them immediately
- Under no circumstances transfer any money
- Beware of contact requests on dating platforms
5. Account takeover
In an account takeover, perpetrators make purchases in the name of unsuspecting victims and have the goods delivered to another address. With many online shops, this is possible because verification of purchaser identities is often insufficient. It is often enough to enter the surname, first name and date of birth to place an order on an account. Victims only notice the fraud when they receive payment requests and reminders.
Make sure that you only buy from trustworthy retailers. These will be marked with the “trusted shops” label.
Take your time
Fraudsters usually take advantage of the gullibility and carelessness of their victims. Read messages with payment requests or confirmations carefully and do not simply click “Continue” due to lack of time.
Video: What is an Account Takeover?
Tipp
Look out for the “trusted shops” label in online shops.
What can I do?
- Only buy from trustworthy retailers: “trusted shops”.
- Only make payments on pages with SSL encryption.
- Cancel payment transactions in the event of irregularities.
- Check card statements.
- Report suspicious transactions immediately.
- Never give out personal data lightly or to strangers.
- Keep security settings for social media accounts very restrictive.
- Conduct e-commerce activities on sites such as Facebook via a separate bank account.
- Choose strong passwords and turn on two-factor authentication.
- Never pass on SMS codes to third parties.
- Check whether telephone numbers or delivery addresses have been changed in your accounts.
6. Stolen or lost card
Unfortunately, debit or credit cards are often stolen. Once the perpetrators have the card, they can use the contactless function to make transactions of up to CHF 80 without entering a PIN.
Card issuers have therefore set a limit for protection. Once this is reached, a PIN request is made. This prevents perpetrators from carrying out multiple transactions in quick succession.
What can I do?
- Set purchase limits.
- If you are suspicious, inform the card issuer immediately.
- Block the card immediately if it is lost, stolen or swiped at an ATM.
- Check card statements carefully.
- Keep the card safe.
7. Card or PIN interception
All credit and debit cards have an expiry date. Customers will receive new and replacement cards in the post. Brazen fraudsters do not hesitate to intercept such items in the post or in the letterbox. In addition, there have also been cases where fraudsters have made fraudulent card applications in the name of the victims and had the card sent to them.
What can I do?
- Check card statements and bank statements carefully.
- Inform the card issuer if an expected card or PIN does not arrive.