Hackers are using a scam technique combining postal mail and QR codes to deceive PostFinance customers.
Customers receive a phishing letter by post, claiming to require reactivation of their e-banking access, which prompts them to scan a QR code leading to a fraudulent site. A lengthy process, but terribly ingenious and credible, as the letter includes personal information.
The hackers would probably have obtained the card numbers and postal addresses of their victims by hacking into online sales sites. Steven Meyer, co-CEO and co-founder of ZENDATA, points out that this scam represents a return to the roots of scams (postal mail), combining modern technology (QR codes) and ingenuity.
The effectiveness of this scam is based on three elements:
- the use of postal letters to gain the trust of victims
- using QR codes to mask the real URL
- the creation of fake websites to steal personal information.
This type of fraud is particularly worrying because QR codes can be just as dangerous as clickable links.
In such cases, it can be crucial to put protection in place on your smartphones.
Read the full article here.
