Make a secure Bizum against ‘vishing’ and other frauds | My Rights | Economy

Bizum is a system that simplifies immediate and irrevocable payments and collections by associating the bank account number – the very long IBAN – with the mobile phone number. Almost all Spanish banks offer this service and none apply commissions for its use.

This instant payment system does not have a specific application for use, but is integrated into the application of each bank. In this way, payments by Bizum will have the same security layer as the rest of the operations by having to access the bank’s application and, according to the financial institution, enter an OTP key (one time password or one-time password) that will reach the user by SMS.

What can be done with Bizum?

Transactions with Bizum must have a minimum of 0.50 euros and a maximum of 1,000 euros, but banks can set lower limits. A maximum total of 60 operations can be received per month (previously 150) and issue as many as you want, since there is no limit. It is possible to send a multiple shipment to up to 30 people and the maximum amount that can be received per day is 2,000 euros.

Although you cannot have Bizum with the same phone number in two banks at the same time, it does allow you to associate two phone numbers to a bank account with several holders or to have two phone numbers, being able to associate each number with a different bank.

In addition to making payments between individuals, you can buy at the 21,900 associated online stores, needing to know the Bizum password, which is requested from the bank in the application. Donations can also be made to 4,550 NGOs. If a user does not have Bizum, they will receive a notification by SMS to register in the system. If it does not do so within the specified period, the pending operation will expire.

Also, since December 2020, you can make payments in shops in person through a QR code or pay and collect the prizes in the State Lottery and Betting administrations.

The use of this payment system has grown significantly this summer, the phrase “make me a bizum” has been used in millions of operations. It was born in 2016 and is currently used by more than 18 million people in Spain and it is expected to be 20 million by the end of 2021. To date, more than 690 million transactions have been carried out.

Stunning data that cybercriminals have also noticed.

Frauds to avoid

The operation of the platform is safe, but the truth is that cybercriminals also use Bizum to commit crimes. Although all the information on the operations is registered in the systems and there is a trace with the data of the person who has received the money, it is advisable to file a complaint with the State Security Forces and Corps. Bizum undertakes to collaborate in locating the alleged fraudster by providing the application data and the affected transaction as soon as the authorities request it.

The vishing -union of the terms voice and phishing and that combines telephone and Internet- is a fraud that is carried out through a telephone call or an SMS with the aim of obtaining personal or banking data of a person. It is a fraud where a person calls on behalf of a public body -generally Social Security or the National Employment System SEPE- and indicates that they are going to receive a refund with a specific amount of money, such as a maternity benefit or collect a grant for ERTE due to Covid-19 and that will be managed through Bizum. However, the message is not to receive the payment, but a request for payment.

On other occasions they contact the victim requesting the return of a payment by Bizum that has been sent by mistake, posing even as friends or acquaintances

Among the tricks they use is that of fake buyer. A person interested in a second-hand item put up for sale asks for the mobile number to make a Bizum as a signal, but instead of sending the money makes use of the functionality of requesting it, in the rush it is likely that we will not notice in it and fall into the deception.

There is also the case of fake seller, who sells very desirable things at a price below the market, asks for an advance of the money by Bizum to make the shipment, the product never arrives and the seller disappears with the money quickly.

The National Police has sent an alert to a new scam carried out through Bizum, which can rob users of up to 500 euros at a time. With this scam, they make their victims think they have won a prize endowed with 500 euros in exchange for paying a small commission of a few cents. If the pay button is clicked, the scammer achieves 500 euros.

It is going viral, mainly through the application of WhatsApp instant messaging, a message with a link to a video in which the user who receives it is invited to participate in a collective money exchange. The message states that if 33 euros are delivered and two people are invited, the user receives 1,848 euros after 8 days.

Security Recommendations

  • Use the contacts in the mobile phone instead of writing the phone number by hand. Due to the characteristics of this service, a Bizum cannot be canceled or undone, the transfers are irrevocable and final. The only option if we make a mistake when making a Bizum is to contact that person and agree to return the money or go to the bank to take the relevant steps to try to recover the funds.
  • Do not make jokes about terrorism, money laundering or illegal matters. Banks read Bizum’s affairs, they even call to ask for explanations if something doesn’t suit them. The banks, when reading these messages, the only thing they are doing is complying with the law.
  • Do not share with nobody passwords access to banking channels.
  • Do not give information personal or financial through calls, messages or emails, or through links received by these means. The financial institution only uses its digital banking channels (web and app).
  • Protect devices from malware. Do not execute files or follow links that arrive by email, SMS or messaging and that are strange or come from unknown sources.
  • Upon receiving a money transfer request through Bizum, carefully read the SMS and / or the notification received. Check that the amount and the name of the recipient are correct. To accept the request to send money, it is necessary to access the banking application and enter a second validation factor. Reject the request if the request to send money is not identified.
  • When buying with Bizum in e-commerce, verify that it is a patrusted web gina and that the address bar of the browser begins with ‘https’, which shows a padlock and corresponds to the store in which to make the purchase.
  • Take special care in the case of purchases between individuals. Be suspicious of bargains or pushy sellers / buyers. The seller must ensure that he is receiving a transfer or a Bizum and not a request for payment by Bizum.
  • Report any suspicious movement to the bank and report before the State Security Forces any case of fraud or fraud.
  • The common sense is the best advice. Review and verify all the information before performing and validating an operation

Source link