Stop and think carefully! We pay with payment cards!
“05.01. at 5:45 p.m., through the xxx.ba platform, I announced the sale of a lawnmower. Internet fraud occurred, my card was misused and a total of 1,203.15 KM was taken. The money went to the address www.MOBIDRAMTTL.AM, Yerevan.
The unknown buyer who made the best offer for my lawnmower asked questions about the product. After agreeing on the price (KM 130.00), he requested that the transaction be done through the express mail payment system and provided the link. The entrance to the page was completely identical to the website of the fast mail “XY express” with all the steps for payment.
After entering the name, card number, validity date and CVV number, a verification code was requested from the bank via SMS. After entering the code, the first sum of 1,023.98 KM was withdrawn from my account at 17:34:03, and the second in the amount of 179.17 KM at 17:44:14, after which the balance on my account was 0.71 KM This is how one electronic payment user’s complaint read.
Any fraud, especially in the digital sphere, involves the malicious actions of the fraudster with the aim of shutting down your subconscious and misleading you.
Imagine that you are selling vegetables at the market and that the owner of a nearby greengrocer approached you and wants to buy everything you have displayed on the stall. You guessed the price and he, in order to supposedly pay that price, asked: “Now give me your card?!” What would you say to him in that case? Can vegetables be sold with a card? It’s clear that he can’t! The card is used to buy, i.e. paid for purchased goods! As in our example a third party appeared as the alleged customer, it was completely illogical for our lawnmower seller to give him his card information.
Simply, we all already know that nothing can be “sold” by using any card, but it is used exclusively for purchases and payments. And paying the price is the responsibility of the buyer, not the seller!
To forget this simple logic, those who abuse the Internet and people’s trust mislead you and turn off your subconscious reflexes, “interesting” in a series of details about the product (condition, material, damage, etc.) and when, finally, they bring that ” fateful decision” to “buy” our used bicycle, camera or lawnmower, they ask, well, “just” to send the data from the card to the page of some well-known post office or delivery service, through which they want to “pay us the price and delivery” .
By that time, we, too proud of our own commercial feat of successful sales, had already forgotten that it doesn’t work like that. And, in order for the fraud to be complete, we also confirm the transfer of funds from the account by entering a one-time code or password, which, as a rule, consists of six digits ( eng. “Secure code“ ) that the bank sends to our phone via SMS service, to confirm that we really want to pay something with a card and that the funds can be transferred from our account.
A buyer who wants to pay us money for the thing we sell needs only our account number, and nothing more!
If, for whatever reason, you’ve decided not to mow your lawn anymore, don’t let the new mowers cut you off!
Details of technical and organizational logistics, for those who want a word more…
A multi-layered method of protection, through data on electronic payment instruments (primarily payment cards and electronic/mobile banking) that are known only to the owner of those instruments and a special code delivered by the bank by phone, is called the “3D SECURE” program.
If the protocol agreed with the bank is followed, i.e. if all the steps in this program have been taken and the mentioned data has been entered, there is no possibility of complaining about the transaction with the card companies, and the cancellation order has no effect.
It is considered that the user of the payment instrument through so-called extreme carelessness enabled unauthorized persons to gain access to the access data. In these cases, we are talking about transfers that have been approved by the user, while according to the provisions of the Law on Consumer Protection in the Republic of Srpska, the bank is only responsible for transfers that have not been approved by the owner of electronic payment instruments.
It should be known that the management, maintenance and monitoring of work in the system and all transactions carried out using payment cards are carried out by card companies (Visa, Master, etc.), not banks. In their special data processing centers, every action taken at payment points or machines using a payment card is recorded in detail. This is an important fact that is important and beneficial for both the user and the bank. Banks only issue payment cards to users on behalf of card companies.