Spotlight on different types of fraud

The increasing digitization of our everyday lives also increases the possible avenues of attack available to cyber criminals. They constantly make use of new methods to obtain data and money. That’s why it’s crucial to be able to recognize the different types of fraud. We constantly monitor how the threats are changing.

On online marketplaces such as Tutti, Ricardo and Facebook Marketplace, fraudsters feign interest in the products you advertise. As the advertiser, you then receive a link or QR code from the fraudsters to receive the money for the product - often via WhatsApp. The link then leads to a phishing website which deceptively looks like the authentic website of TWINT, Swiss Post or PostFinance. The phishing website has a URL similar to the actual website.

Never enter your e-finance access data, TWINT code, debit or credit card details on this phishing website! This gives fraudsters access to your e-banking or TWINT.

Please note the following:

  • Do not click on links or scan any QR codes to receive money.
  • Always verify that the URL is correct. PostFinance only communicates using postfinance.ch. Always manually enter the domain (postfinance.ch) directly in your browser address bar.
  • Never disclose your e-finance access data, debit or credit card details or codes, which you receive via SMS. Even if they are requested by an alleged PostFinance employee.
  • Put an immediate end to the discussion with the scammers and call us straight away to block access to your accounts.

If you have disclosed your data, immediately change your login details for PostFinance, TWINT and the debit or credit cards involved and contact our hotline immediately on +41 58 448 14 14.

PostFinance and TWINT will never ask you to disclose your security elements or card information.

Always check where the links lead to. PostFinance only sends messages with links that lead to postfinance.ch.

Cybercriminals send deceptive messages in the name of TWINT that appear to be genuine, asking users to confirm their bank or credit card details stored in their TWINT account, and claiming that their details will soon no longer be accessible via the app. The fraudsters apply pressure by limiting access for a certain period of time.

The QR code or the links lead to a fake website that looks very similar to the TWINT website. The linked fake website attempts to obtain confidential information from you (telephone number, PIN code of the TWINT account, etc.). You are then asked to log in to a fake e-finance login page.

If you receive a fraudulent message

  • Ignore the e-mail or SMS/WhatsApp message
  • Never follow links from e-mails, SMS, etc. or from other websites
  • Always enter “postfinance.ch” directly in your browser address bar
  • Never disclose sensitive and confidential data (e.g. username, e-finance number or password) if you are asked to do so by e-mail or SMS/WhatsApp

If you have disclosed your data, immediately change your login details for PostFinance TWINT, block e-finance and the debit or credit cards involved and contact our hotline immediately on +41 58 448 14 14.

PostFinance and TWINT will never ask you to log in by e-mail or ask you to disclose your security elements or card information.

Always check the sender address in e-mails and where the links lead to. PostFinance only sends messages with links that lead to postfinance.ch.

Scammers send phishing letters containing a QR code by post, claiming that they are from PostFinance. The QR code leads to a phishing page. The title of the letter is “Access to e-banking needs to be reactivated”. PostFinance does not send this type of letter.

Please do not follow the instructions in the letter and destroy the document.

If you have received this letter, please contact our hotline immediately on +41 58 448 14 14.

You can find more information on other types of fraud in the blog post "Scammers’ tactics. What you need to know".

Cyber criminals send fake e-mails and text messages using the PostFinance name. They claim, among other things,

  • that you have to confirm some documents
  • Safety warning: We noticed suspicious activity on your card. Please confirm your identity in order to protect your account and keep your card active.
  • We noticed unusual activity on your account. Please verify your identity via the following link.

If you receive a fraudulent message

  • Ignore the e-mail or text
  • Never follow links from e-mails or text messages, etc. or from other websites
  • Always enter “postfinance.ch” directly in the browser’s address bar
  • Never disclose sensitive information about yourself if you are asked to do so by e-mail or text message

PostFinance will never ask you to log in by e-mail or ask you to disclose your security elements or card information.

Fraudsters call customers and pretend to be PostFinance employees. The purpose of the call is to gain access to e-finance. A commonly used pretext is that the victim’s e-finance has been hacked. Victims are urged to install software or apps on their computer or smartphone in order to carry out a security check. Hang up immediately if you receive a call like this – it’s a scam.

PostFinance will never ask for your details over the phone

  • install third-party software on your computer
  • install apps on your smartphone
  • tell them your security elements
  • switch off security functions on your devices

If you receive one of these calls or have disclosed e-finance security elements or information about your PostFinance Card, contact our hotline immediately on 0800 88 88 77 (max. CHF 0.08/min. in Switzerland).

Further information on voice phishing is available in the blog post “What is vishing and how can you protect yourself against it?” .

Cyber criminals also like to find victims on online marketplaces such as Ricardo, tutti.ch or Scout24. For example, by offering bogus goods and bargain offers that are never delivered. Or by posing as fake buyers and pretending not to be able to inspect the goods, but paying for them in advance. Phishing links are then used to steal data in a sophisticated way. You can read more about the process in this blog post.

How to protect yourself as a seller against data theft on advertising platforms

  • If possible, use seller protection and avoid selling platforms where buyers are not clearly identified.
  • Always hand over the goods in person for cash, or use a fast and secure payment option such as TWINT when handing over the goods.
  • Don’t be talked into shipping anything.
  • Never reveal your debit or credit card details under any circumstances.
  • For your security, set up 3D-Secure.
  • Never enter access data and passwords on a website you have opened through a link someone has sent you, as it might be a phishing link.
  • You can use The link will open in a new window ibarry.ch to check whether the website behind the potential phishing link is fake.
  • Always enter web pages from banks, Swiss Post and other service providers directly in the browser.
  • Never confirm push messages in the PostFinance App if you did not initiate the payment or action yourself. 
  • Read up on how to use PostFinance Cards securely.

You will find an overview of the different types of fraud on online marketplaces at The link will open in a new window skppsc (Swiss Crime Prevention).