Yesterday we learned how Bizum was preparing its own app and shortly after we saw how it could be tested. An application that shows interest in this platform for fast and free payments. Interest from users but also from scammers who they see in it a good system for deceive potential victims.
It has been the Internet Security Office (OSI) that has alerted of a new type of scams that use Bizum. Scammers who operate on pages and platforms for buying and selling such as Milanuncios, Vinted or Wallapop and in which they try to take advantage of clueless users.
A Nigerian prince does not write to you here
Neither Bizum nor these platforms have anything to do with the matter, but friends of illegalities have discovered a phylumn in which these tools are your weapon and deceive the user at the time of payment the key.
The modus operandi could not be more basic, but also effective. When it comes to selling or an item, the user sets a price but it is the buyer who, instead of proposing the payment of an amount, submit a Bizum payment request.
According to the Internet User Security Office, this is the process they usually use regardless of the financial institution used:
- If the seller does not pay attention to the message and accesses his bank account, he will find a message showing the money requested with two options: “Confirm” to confirm the sending of money and “Reject” to reject the payment.
- In the case of accepting the payment, the application will show a new screen with the amount to be paid, the concept and the identity of the applicant, where it must confirm that all the data is correct. Again, a message is displayed indicating that when confirming, the money that you have requested will be paid.
A strategy intended for people who sell products of all kinds and that they use Bizum as a means of payment. Cybercriminals appear to be a normal shopper. With no Nigerian princes or wealthy heirs involved, they take an interest in the product and ask to pay for Bizum. So far everything normal but as the saying goes, all that glitters is not gold.
When requesting to make the payment via Bizum, instead of making the payment effective, what they do is send a request for money to the seller via Bizum. And this is where clueless or not so savvy users can fall. Because in addition, the quantity they request is usually greater than the price of the product. In this case the seller could find himself without money and without product. And we must not forget that Bizum performs the operation immediately and it is not possible to reverse the operation in most cases.
From the OSI they offer which are the steps to follow for a person who is a victim of this fraud:
- Contact the bank as soon as possible and inform them of what happened.
- Bring the case to the attention of the platform of sale where the cybercriminal contacted and provided the necessary data.
- In necessary case, report what happened to the State Security Forces and Bodies (FCSE), collecting all the evidences and tests that you have (conversations, messages, emails, contact numbers, etc.).
They also provide a telephone number corresponding to the INCIBE Cybersecurity Help Line, 017, free and confidential. Along with these tips, other very practical In order not to fall for these types of scams, steps that in fact recommend following the same platforms:
- Do not share personal data in the conversation in the app or e-mail or phone number.
- Use the platform’s chat instead of talking at a private level (WhatsApp, Telegram, telephone) … This means that we have already broken the first advice.
- Check the profile, if it has positive evaluations, if it is verified …
- Ignore the person concerned if chatting with the person does not inspire confidence or doubts about the veracity of their profile.
- Be wary of absurd offers, foreign buyers and strange profiles, those messages that ask you to close the deal by mail …
- If you accept the payment via Bizum, read the content of the messages well.
More information | OR IF