Cybercriminals send deceptive messages in the name of TWINT that appear to be genuine, asking users to confirm their bank or credit card details stored in their TWINT account, and claiming that their details will soon no longer be accessible via the app. The fraudsters apply pressure by limiting access for a certain period of time.
The QR code or the links lead to a fake website that looks very similar to the TWINT website. The linked fake website attempts to obtain confidential information from you (telephone number, PIN code of the TWINT account, etc.). You are then asked to log in to a fake e-finance login page.
If you receive a fraudulent message
- Ignore the e-mail or SMS/WhatsApp message
- Never follow links from e-mails, SMS, etc. or from other websites
- Always enter “postfinance.ch” directly in your browser address bar
- Never disclose sensitive and confidential data (e.g. username, e-finance number or password) if you are asked to do so by e-mail or SMS/WhatsApp
If you have disclosed your data, immediately change your login details for PostFinance TWINT, block e-finance and the debit or credit cards involved and contact our hotline immediately on +41 58 448 14 14 (at telecom provider’s rate).
PostFinance and TWINT will never ask you to log in by e-mail or ask you to disclose your security elements or card information.
Always check the sender address in e-mails and where the links lead to. PostFinance only sends messages with links that lead to postfinance.ch.