Security Tips for Peer-to-Peer Mobile Payment App Users
Recently, there has been a surge in scams organized around abusing the Cash App platform. A number of people reported contacting or being contacted by fake support agents, ultimately having money stolen from their accounts.
ABC13 recently reported a number of people got scammed after contacting fake Cash App support representatives. Support scams are nothing new, similar schemes have been around for a long while, spoofing the support teams of various payment platforms.
Two of the victims in ABC13's story, a Ms. Tamika Waddle and her god sister, called a customer service number that did not belong to Cash App. They said they found the number "online". Once they got hooked by the scammer on the other end of the line, they were made to install additional applications that would supposedly help them resolve the issue. Obviously, those apps were simply extra malware that aided the bad actors running the scam.
Cash App initially refunded the unauthorized payments made on Ms. Waddle's account, but then decided against it. After Ms. Waddle persevered with her claim, the case is currently open and under active investigation.
Similar scams can be found everywhere and can affect users of a wide range of otherwise safe and legitimate apps. There are several rules to follow that will help you minimize risk when using mobile payment applications.
- Never rely on Alexa or Siri to perform support calls. Scammers often find ways to abuse search engines and even pay for their fake listings to come up high in the list of results those bots use. It is best to manually search for a support number if you're going to call phone support and double-check the web page that the number is listed on, making sure it belongs to the organization you need to contact.
- When linking peer to peer payment applications to a source of money, use a credit card and not a bank account. Your credit card usually offers several additional layers of protection that are missing if you directly link to your bank account.
- Make sure to password protect your phone and add a password authentication step to any payments performed in the apps you use.
- Try to use the support options that are contained inside your application. For example, apps like Revolut and Cash App actually don't have dedicated phone support representatives - they rely on either automated messages or support executed inside the app itself.
- Always double-check that you are sending money to the right person.