How do fraudsters lure out card PINs and other data on trading platforms? The main tool in their scheme is fake websites and links that imitate genuine resources. This was reported by the State Special Communications Service.
More information on Internet security can be found on the websites of the National Bank of Ukraine and the State Service of Special Communications.
An example of a fraudulent scheme
- The fraudster pretends to want to buy the goods.
The attacker writes to the seller on the OLX marketplace, showing interest in the goods. He offers to transfer the communication to the Telegram messenger, allegedly citing technical problems with the display of photos on the OLX platform. - In the messenger, the fraudster announces that he is ready to buy the goods and offers to organize the shipment via Nova Post with full prepayment to the card. To do this, he asks the seller for the card number for payment and sends the address for delivery.
- He claims that he has paid for everything and sends a phishing link stylized as a bank authorization page, where the seller is asked to confirm receipt of funds.
- The seller is asked to enter a mobile phone number, card number, and PIN to confirm receipt of funds.
The phishing page asks the seller to enter a mobile phone number, card number, and PIN to confirm receipt of funds. - The fraudster steals the money.
The fraudsters use the data obtained to link the user’s account to a new device or for online authorization on the portal of the relevant bank, which allows them to withdraw funds from the victim’s account.
How to protect yourself from fraud?
- Discuss the details of the transaction exclusively in the trading platform’s chat or using its app!
- Check the websites where you enter your data.