04.11.2024 - The NCSC is currently receiving reports of phishing e-mails in the name of the OASI compensation office. The message advises recipients that an alleged refund is pending and that they should provide their personal data and credit card information for this. In reality, the cybercriminals are trying to make purchases with the phished credit card data in their favour.
In the current wave of phishing attacks, the name of the OASI compensation office is being misused. By promising a refund, the cybercriminals are trying to elicit the victims' credit card details in the email. With this information, the fraudsters can, among other things, make fraudulent purchases in the victim's name or sell the data to third parties.
The link contained in the e-mail leads to a phishing site that appears trustworthy because it is designed in the colors and with the logo of the OASI compensation office. The fraudsters are trying to encourage victims to enter their personal data and credit card information, including the CVV number, on the site.
Delete these e-mails. You never have to provide a credit card to receive money.
Recommendations
- Do not respond to the demands. A credit card must never be provided to receive money;
- Report the fraudulent messages to https://antiphishing.ch/;
- If you have already entered the credit card information, report it to your bank immediately and have the card blocked;
- In the event of financial loss, NCSC recommends that you file a report with the relevant cantonal police.
