Digital money fraud has increased by 3,000% in the last two years as more and more people use wallets in their daily lives
Argentina is experiencing a veritable wave of crimes related to “electronic money”, 3,000% growth was registered In the fraud complaints in the last two years, According to the Specialized Financial Unit in Cyber Crime (UFECI), .
According to Kolsa, 18% increase in the number of active accounts (up to 156M in 2022), of which 80% are banks and the remaining 20% are open in digital wallets.
attacks occur Remote-controlled for over 7 million users of Mercado Pago, In fact, Mercado Libre and its wallet lead Most Complaints Ranking (UFECI).
This is assured by the head of the prosecution, Horacio Azzolin iProUP that “it is logical that we have More complaints as people turn to digital wallets in a big way, Also, there was only one before the pandemic and now many more.
1. Mercado Pago: What if your cell phone is stolen
George Nieve, director of innovation at Vortex, confirms this iProUP that “criminals are getting more and more creative: sometimes Carelessness of users, they apply techniques of Social engineering to set up scams once they appropriated the cell phone and credentials”.
however, there is A Mercado Pago flaw that seems to be “tailor-made” for scammers:
- Criminal steals cell phone: If he can’t unlock it, put the chip in another phone
- Automatically receives email address, telephone number and WhatsApp
- Enter Mercado Pago website, write email and ask to reset password
- Wallet sends a code by SMS, WhatsApp or automated phone call to convert it
- By doing so, you login to the account, empty it, make purchases or withdraw credits
- Alternatively, you can write to the victim’s contacts and ask them to lend or transfer money.
snow indicates that Do not change voicemail password An additional risk is involved, as criminals do not answer calls but code is registered to change it in a message.
2. Mercado Pago and Mercado Libre: How’s the Uncle’s Story
Juan Aguirre, Sophos Sales Engineering Senior Manager LATAM said iProUP It is a very common fraud that “Scammer impersonates Mercado Libre via email or text messagesnotify user Problems accessing the account and requesting your login information to solve it”.
“With this information, he conducts e-commerce transactions which will be charged to the violating user,” he says cyber criminals also make fake brand websites
The modus operandi in messages being transmitted through WhatsApp is ever-increasing. Avoid entering Mercado Pago or Mercado Libre without entering the address manually in the browser or using the official app, In fact, if a link is opened from both platforms and it does not go to the application (as long as it is installed on the cell phone), it is cause for alarm,
3. Mercado Pago: How they scam you with fake offers
A recurring option of cyber criminals is to launch great deals or gifts, “They find it Victim sends information believing it to be a valid communication“, Signal of iProUP Sol Gonzalez, security researcher at ESET Latin America.
The executive remarks that later “They retain your access credentials and datalike card number. In addition to mail Campaigns that broadcast via WhatsApp with modus operandi Similar”.
4. Mercado Libre: how is the “double scam”
There are criminals who pose as Mercado Libre and other consumers. Gonzales “breaks the mechanism of”triangular fraud, In which there are two victims instead of one:
- ,buy something valuable to take advantage of Negligence of the sellers to overlook the purchase when you receive the product,
- ,He The means of payment you used is a credit card belonging to a different person to the purported buyer,
- ,if he The seller who receives the money is not aware of this difference in identity, it may be too late to claim goods,
Mercado Pago deposits 77% into virtual accounts. Also the interest of cyber criminals
5. Mercado Libre: how is the “false sale” method
another resource Selling and false returns of products. Both sides of the transaction can also be affected.
Along these lines, Azzolin indicates that it is a type of fraud that has always existed: “User makes a purchase, proceeds with the payment and at the end of the operation no further response is received and is blocked“. And, apparently, you do not receive the product.
6. Mercado Pago and Mercado Libre: How they scam you with both apps
Experts point to another fraud that proceeded strongly and as the main character Unicorn’s two platforms:
- Victim receives false payment receipt of the purported buyer for a too much amount of scheduled
- You inform the seller that they are going to call him To solve this with a fintech or bank
- The person is an affiliate who takes access data from the vendor in your account to clear it
7. Mercado Pago: How about an instant debit scam
Megatec director Miguel Rodríguez confirms this iProUP that lead to events instant debit, “If someone sells products or services, say a person posing as a customer send request to transfer money as advance,
,Informs the delinquent account holder that he will receive an SMS acknowledging receiptbut in doing so you are really Accepting Instant Debit Requests: That amount is deducted from your own bank account instead of being received,” he completes.
8. Mercado Pago: What a scam with QR
within the arsenal of techniques through which the crime was committed QR code or payment link, Mercado Libre to avoid commission and charge the buyer with the alleged discount,
The user is the weakest link: therefore you must maximize the prevention methods
,most don’t know QR made for face-to-face shopping, When you pay, it is assumed that you already have the product and therefore, the money is immediately credited to the seller,” warns the ESET manager.
How to Avoid Scams at Mercado Libre and Mercado Pago
Experts emphasize that users should consume all security measures, Emiliano Piscitelli, cybersecurity expert and CEO of Begu, shares some Advice,
- Protect cell phone with fingerprint, pattern, face or pin, Avoid using the same to login to the app
- If the second authentication layer is a number pattern, make it strongAvoid passwords like :0000 or 1234
- Activate a different security level for carrying money
- Enable second factor authentication or two-step verification on all apps
- Use password managers that allow you not only to store keys, but also to generate them: Keychain, KeePass, Authy, Google Authenticator etc.
Rodriguez adds the following recommendations,
- “Use a wallet that requests photos of the DNI upon registration”
- “Don’t use the platform’s unofficial payment channels”
- “Verify the genuine sender of the communication and do not provide sensitive information”
- “Confirm that the communication is legitimate through its official channels”
If all this is not enough and you are the victim of a hoax, The steps to follow are:
- Complain in person at the police station and by mail at (email protected)
- Report the matter to UFECI by email at (email protected)
- Report the incident to the entities and platforms where the scam took place
The key will always be in prevention: Be cautious, act slowly, be aware of the risks and implement account security measures They will be key to taking care of money in the face of 4.0 cybercrime that will not rest.