Secure electronic services
It is difficult to withstand the scammer attack: they praise you, scold you, rush you into deciding, and try to confuse you with tons of information. Scammers use a variety of manipulative techniques to force their chosen victims into acting quickly, ignoring safety advice, and taking actions that are not good for you.
They may know your name, ID number or other personal information. However, you should be aware that this information is often publicly available online - on social networks, forums, classifieds portals, insecure apps, or leaked databases.
Fraudsters are skilled at involving victims in their fraudulent schemes. They can overwhelm you with information, threaten you with consequences or highlight your lack of knowledge. In this case, the most important thing is not to get emotional and to assess the situation critically.
Fraudsters can impersonate any person, company, or public authority with great confidence, and can communicate with you very professionally by phone, text messages, letters, and other means - forging e-mails, documents, using fake companies, false advertisements, creating copies of real websites, installing viruses and other malicious programs on your computer or mobile device. We therefore always advise you to be suspicious, especially when it comes to unbelievably tempting offers.
What are the most common methods used by scammers?
Fraud by impersonating a Contomobile employee
You are contacted by phone, email, chat app or SMS by a person who introduces themselves as a Contomobile employee. The reason is usually something urgent to do with your account and money, such as blocking an incorrect transfer, onfirming your details, changing your password, or informing you about an awaiting money transfer. During the call, the scammer may ask for your login name, personal identification number and PINs. If you have received an email or SMS, it redirects you to a website that looks like an e-banking login window. After a while, you may see a prompt to enter your passwords sent by your login tool on your phone (or other device).
What to do?
- It is important to understand that the fraudster really wants you to confirm the payment by yourself, as this would make it much harder for you to prove that you did not intend to make the transaction and to recover the amount. Therefore, never enter PINs or otherwise confirm a payment unless you are the one making the transaction.
- Never, anywhere, to anyone, disclose your Contomobile login details (user ID, password or PINs). Contomobile will ever ask you for such details when you are contacted by our employees.
- Always be cautious and critical when dealing with situations involving your money. Stop and think: does Contomobile really have no other way to stop an unauthorised transaction and does it really need to get your login details to do this? Why would someone else need to log into your account when they are the ones who need to transfer money to you?
- Do not open email attachments, especially if you were not expecting the email. Always check carefully whether emails from Contomobile end with @contomobile.com - if there is any difference, it is probably a scam and you shouldn't even open it!
Windfall or inheritance
You receive an email from an unfamiliar sender saying you have won a lottery prize, received a gift, or inherited a generous sum of money (for example, €1,000,000 or more). The organisers intend to transfer the inheritance, gift, or prize to you, but to receive the money or prize, you have to pay certain fees: a notary fee, a fee for opening an account in a foreign bank, shipping costs, parcel service fees, etc.
What to do?
If you haven't participated in a lottery, registered for a game, or know the person whose inheritance you're supposedly receiving, then it's most likely a scam. If you are asked to pay a fee before you receive your inheritance or lottery winnings, this is fraud. Don't transfer your money!
Fraudulent offers to invest
You receive an email offer or notice an advertisement that offers a quick way to make money from your investments with almost no risk. Such an advert will direct you to a website that looks quite credible. You may be offered white paper, consultations or a subscription to a newsletter. Later, you are offered to join an investment website or platform and start investing with a small deposit (for example, €100). Once you have deposited this amount into that platform, you will see exceptionally good – unfortunately, false – yields that will entice you to deposit even more money. You may also receive a call from a salesperson who will update you on a terrific opportunity to earn an even higher return and offer you to invest even more money.
This scam comes to light when you want to withdraw your investment and earnings. There will be additional fees for withdrawing the funds, but even after paying them, you will not be able to get your money back. The scammers will keep trying to contact you and will keep offering you different ways to get your money back with full interest if you pay another fee. Paying such fees will cause you to lose even more money.
You may also be contacted by the alleged victim's representatives and offered "legal" advice on how to make a complaint. If you pay them a fee, you will lose out on an even bigger sum.
What to do?
- If you are promised "get rich quick", "absolutely no risk", "high returns", the investment opportunities are likely to be fake.
- Verification of information is unlikely to be effective because fraudsters are imitating real companies. However, it is worth checking online reviews of the company, where you may also find negative experiences of those who have already been affected. Even a single negative review matters!
- Do not give anyone access to your computer, and do not install on your device any apps that allow other people to control your computer remotely (such as AnyDesk or TeamViewer).
- Do not transfer or deposit money into the accounts of other people or companies if you have the slightest suspicion!
When you browse the internet or social networks, you see a credit offer with an incredibly low interest rate. When you apply for such a loan, you will be asked to pay various fees associated with obtaining the loan, such as notary fees, contract fees, loan insurance fee, loan code fee, etc., by transferring the money to a bank account in another country (often to an individual person rather than a company).
What to do?
If you must pay any fees before you sign the loan agreement, it is a scam! Do not make any transfers! Creditors who grant loans legally and in accordance with all legal requirements indicate the service charges on the standard credit information form (required by law), which is designed to familiarise you with the essential terms and conditions of loan and to allow you comparing offers from other creditors. And you only have to pay the fees when you enter into the loan agreement, not before that!
You meet a foreigner online. Very often, they present themselves as military personnel or ship captains, but they can also present themselves as a member of another profession. You start an intense correspondence. At some point he or she asks you to send him or her some money because of an mishap, or for a plane ticket because he or she wants to meet you, or to send you a gift, etc.
What to do?
Do not transfer money for any purpose. Ignore any suspicious requests for money. If the person asking for the money avoids answering questions about it, persists in asking for it, or gets annoyed, it is probably a scam.
Fraud in business
Business email phishing is a type of fraud where you receive an email from your company’s business email address asking you to transfer money to a specific account. In this case, it is most likely that your company's email server has been hacked and the email is actually from a scammer.
Your company may receive an email from a business partner informing you of a change in the account to which your company is paying for this partner.
CEO fraud is a type of fraud in which fraudsters claim to be your manager and ask you to pay bills or transfer company money to an account. The targets of this fraud are usually the company's accounting staff.
What to do?
- Call your manager or a colleague to confirm if they really asked you to do such task.
- Contact the business partner using the official contact details listed in their contract to confirm the change. This is important because you may suffer losses if your business partner's email account is hacked by fraudsters and your company may breach the contract if transfers money to incorrect account.
What you can do immediately if you are a victim of a scam
Contact us at email@example.com if:
- you've noticed suspicious transactions in your account;
- you suspect that third parties have gained access to your user account.
- you have experienced fraudulent activity aimed at obtaining your account details or embezzling your money.
We will immediately block access to your user account and Contomobile accounts to prevent anyone from accessing your money.
If you notice any unauthorised transactions on your account made before Contomobile blocked your account access, please inform us at firstname.lastname@example.org.
Report security vulnerabilities If you notice something suspicious when using Contomobile services and suspect it may be a security vulnerability, please let us know.
Frequently Asked Questions
How to use Contomobile services securely?
- If you have received a message on your phone from your login tool to enter your password, but you are not currently using Contomobile self-service or app, ignore it. Do the same if you receive a prompt to confirm a money transfer when you are not making any transfer at the time.
- Read carefully what you are agreeing to every time you receive a password notification from your login tool.
- Never disclose your personal data or share your Contomobile login or app data with others, including family, friends or Contomobile employees. These credentials are intended for your personal use only. If you wish to assign additional users to your account, you can do so by contacting us.
- Do not write down, email, SMS or otherwise share or save codes and passwords used to unlock your computer or phone screen. Create complex passwords that are difficult to guess, remember them and change them regularly. When creating PINs, be sure to choose random combinations of numbers. Do not use combinations such as 1111, 1234, your year of birth, address numbers, or other personal or easily guessed information.
- Remember that your user ID is just as important as your personal identification number, so please pay due attention to its security.
- We will automatically block your access to the Contomobile account if you enter incorrect login details (user ID code or login tool code) 5 times in a row.
- The login session will be terminated if you do not perform any actions in the self-service for 5 minutes. In this case, you will be asked to log in again. We use this time limit to prevent others from using your account if you forget to log out.
- When you have finished using Contomobile self-service, log out (by clicking "Log out") and close your browser.
What should I do if I notice a security breach?
Have you noticed something suspicious in our systems and suspect it might be a security flaw? Let us know!
It is important to us that our customers feel secure when managing their money online, which is why we strive to provide the highest level of security for our IT systems. Nevertheless, the possibility of errors remains. If you notice a potential security vulnerability, please be sure to inform us so that we can address it as soon as possible.
Send an email to email@example.com. Make sure you include the following information in your message:
- A detailed description of the security vulnerability, including information such as the URL and the type of security vulnerability.
- The necessary information to solve the problem.
- If necessary, a snapshot of the screenshot of the security vulnerability you have identified.
- Your contact details, if you want to be kept informed of the progress of the decision.
How can I tell if an e-shop is a sham?
There are several aspects that need to be considered to distinguish whether an online shop is trustworthy and safe to shop at.
The first step is to look critically at the prices or discounts offered by the shop. Fraudulent e-shops already offer prices that are significantly lower than the prices of the same or similar products elsewhere. Often, such shops also offer extremely high discounts. They also try to create tension by pointing out that exclusive offers are only available for a short period of time: trying to convince you that you can only get a very cheap price now, because you will not get the same opportunity later. To avoid losses, you should compare the prices offered by traders - if similarly low prices are not available elsewhere, this alone fact should raise suspicions.
The lifetime of the e-shop is also important. Not only does it need to be well-known, but it also needs to be open for a longer period of time. However, pay close attention to the e-shop's website when shopping: scammers sometimes try to copy the websites of well-known e-merchants and change the name just slightly - to take advantage of familiar, established names. Note the address of the e-shop (the link generated by the browser), which must be free of errors or suspicious characters, and make sure that the link starts with the letters https://, which indicates that the trader is concerned about the security of the customer's data.
Customer reviews are another aspect that can help to ensure the reliability of an online shop. Search online for customer reviews about their shopping experience at that store. Do this using at least a few sources to get a more objective impression. Finally, check that the trader has contact details and return policy on the e-shop and that these are genuine so that you can contact them if necessary.