-
Siggi Bucher
—
1.8
The branch in Erlenbach ZH: This is where the curious events started.
—-
Siggi Bucher
—
2.8
Points were stolen from Adrian S.: “There must have been someone in the shop.”
—-
Siggi Bucher
—
3.8
Migros customer Adrian S. was left behind – it was his cumulus points that the gangsters missed. Divided into five and ten Swiss francs, S. was poorer by CHF 415 at the end of the criminal shopping spree.
—-
Keystone
—
7.8
Reports of cheated Migros customers piled up this week.
—-
Keystone
—
8.8
The Cumulus system and app are safe, Migros asserts.
—-
—-
Adrian S. * couldn’t believe his eyes. Did he suffer from competition fever? There was no other explanation for this receipt: 32 luckless people should have bought it. With a box of Marlboro Gold. Together they made an invoice of CHF 415.
–
Only: Adrian S. is a non-smoker, he does not buy “Happy Day” tickets. He never entered the Voi branch in Geroldswil ZH, where he is said to have consumed his Cumulus vouchers.
–
The 66-year-old pensioner has been the victim of a Cumulus theft. Reports of cheated Migros customers piled up this week. The first case in French-speaking Switzerland made “20 Minuten” public.
–
Adrian S. was shopping just a quarter of an hour before criminals went shopping with his Cumulus points. Whole cream, butter, pumpkin – he posted everyday items in Migros Erlenbach ZH. The Migros app was open on his mobile phone. Adrian S. uses it to manage receipts and Cumulus accounts and to pay. His cell phone was also connected to the branch’s public WLAN. At 12.26 p.m. he paid at a self-service checkout. So far, so common.
–
Receipts redeemed in Geroldswil
Twelve minutes later, at 12:38 p.m., his Cumulus account was emptied in the Voi in Geroldswil. Voi is a Migros store concept where you can buy what Migros doesn’t actually sell: alcohol and tobacco. Crucial for the crooks: Voi accepts Cumulus vouchers as a form of payment.
–
It takes half an hour to drive between Geroldswil in the Limmattal and Erlenbach on the Zurich Gold Coast. “There must have been someone in the shop who then informed his accomplices,” assumes Adrian S. Only three days later did he notice the theft. He reported it to Migros and reported it to the police station in miles.
–
The Zurich cantonal police confirmed that the criminal case was being investigated, inter alia, for the misuse of a data processing system. Nobody knows who is behind the scam and how it worked. The investigation is ongoing, the Kapo emphasizes. But: “In this case, the use of public WLAN is not the main focus.”
–
“Migros app is from the day before yesterday”
The digital and telecommunications expert Jean-Claude Frick pinpointed another weak point: “As far as security is concerned, the Migros app from the day before yesterday”. Initially, they only managed receipts on this. Today, it works like a banking app. That is delicate. Also because of the data that is on it. “I don’t want everyone to know what I’m shopping for,” says Frick. Anyone who has set themselves up with a username and password is in the system and can switch and do whatever they want on the app.
–
Migros strives to limit damage: the Cumulus system and app are safe. Neither were they hacked nor did leaks arise. In the future, however, the so-called two-factor authentication for Cumulus receipts will be introduced, for example using an SMS code, a spokesman said. Migros assumes that Adrian S.’s password and login data were stolen on another platform. With this data, the perpetrators would have gained access to his Cumulus account.
–
Adrian S. however asserts that he uses different passwords and changes them regularly. The Cumulus points were returned. Adrian S .: «Migros was very accommodating.»
–
Wrap credit and bank cards in aluminum foilWhat kind of scam do I have to watch out for at the moment?
Jean-Claude Frick: The so-called NFC trick is still relatively unknown. NFC is the name of the chip in bank and credit cards that you need for contactless payment. Because this chip always sends, criminals can extract card data.How exactly do the scammers do this?
Like the reader at the cash register, the criminal has to get close enough to our card to be able to extract the data. So be careful at Christmas markets or major events where you get close. A few centimeters are close enough, often no physical contact is required.How do i protect myself
With some cards, the chip can be deactivated on request. Experience has shown that this is more difficult with credit cards. There are protective covers that insulate the radiation because aluminum is installed. What also works flawlessly: wrap your cards in aluminum foil.How secure are new cellphone payment systems?
Significantly safer than Migros or Coop apps. The systems have multi-level security factors. I hardly know any cases of data theft.How safe are self-service checkouts?
I think cracking them is out of the question. Gangsters would have to go to work with tools. That would be noticed.Interview: Tobias Marti
—-
Related posts:
Tabuk Citizen Shares Inspiring Story of Helping Son with Autism through Trade and WorkNear Toulouse. Agrobiosciences will progress thanks to a major project in Auzeville-TolosaneDeutsche Bahn: ICE Saarbrücken - Mannheim will soon be running much fasterAlmost 11,000 lightning strikes in Eastern NorwayRelated