Scammers are currently sending phishing letters containing a QR code by post, claiming that they are from PostFinance. The QR code leads to a phishing page. The title of the letter is “Access to e-banking needs to be reactivated”. PostFinance does not send this type of letter.

Please do not follow the instructions in the letter and destroy the document.

If you have received this letter, please contact our hotline immediately on 0848 888 710 (max. CHF 0.08/min. in Switzerland).

You can find more information on other types of fraud in the blog post "Scammers’ tactics. What you need to know".

Cyber criminals send fake e-mails and text messages using the PostFinance name. They claim, among other things,

• that you have to confirm some documents
• Safety warning: We noticed suspicious activity on your card. Please confirm your identity in order to protect your account and keep your card active.
• We noticed unusual activity on your account. Please verify your identity via the following link.

If you receive a fraudulent message

• Ignore the e-mail or text
• Never follow links from e-mails or text messages, etc. or from other websites
• Always enter “postfinance.ch” directly in the browser’s address bar
• Never disclose sensitive information about yourself if you are asked to do so by e-mail or text message

PostFinance will never ask you to log in by e-mail or ask you to disclose your security elements or card information.

Fraudsters call customers and pretend to be PostFinance employees. The purpose of the call is to gain access to e-finance. A commonly used pretext is that the victim’s e-finance has been hacked. Victims are urged to install software or apps on their computer or smartphone in order to carry out a security check. Hang up immediately if you receive a call like this – it’s a scam.

PostFinance will never ask for your details over the phone

• install third-party software on your computer
• install apps on your smartphone
• tell them your security elements
• switch off security functions on your devices

If you receive one of these calls or have disclosed e-finance security elements or information about your PostFinance Card, contact our hotline immediately on 0800 88 88 77 (domestic max. CHF 0.08/min.).

Further information on voice phishing is available in the blog post “What is vishing and how can you protect yourself against it?” .

Cyber criminals also like to find victims on online marketplaces such as Ricardo, tutti.ch or Scout24. For example, by offering bogus goods and bargain offers that are never delivered. Or by posing as fake buyers and pretending not to be able to inspect the goods, but paying for them in advance. Phishing links are then used to steal data in a sophisticated way. You can read more about the process in this blog post.

How to protect yourself as a seller against data theft on advertising platforms

• If possible, use seller protection and avoid selling platforms where buyers are not clearly identified.
• Always hand over the goods in person for cash, or use a fast and secure payment option such as TWINT when handing over the goods.
• Don’t be talked into shipping anything.
• Never reveal your debit or credit card details under any circumstances.
• For your security, set up 3D-Secure.
• Never enter access data and passwords on a website you have opened through a link someone has sent you, as it might be a phishing link.
• You can use The link will open in a new window ibarry.ch to check whether the website behind the potential phishing link is fake.
• Always enter web pages from banks, Swiss Post and other service providers directly in the browser.
• Never confirm push messages in the PostFinance App if you did not initiate the payment or action yourself. 
• Read up on how to use PostFinance Cards securely.

You will find an overview of the different types of fraud on online marketplaces at The link will open in a new window skppsc (Swiss Crime Prevention).