Phishers targeted Hungarian motorway vignette buyers during the period of renewal of the annual national and county motorway vignettes, two official vignette sellers pointed out.
According to a statement from autovignet.hu, phishers used a minimally modified official e-vignette reseller website to gain access to the bank details of careless customers.
The method of fraud is that after filling in the basic fields, the customer is directed to a bank selection page, and after this they ask for login data. The fraud is facilitated by the fact that the data is also forwarded to the bank’s website, so that the unsuspecting user also receives the two-step login authentication request, which he then also passes on to the fraudsters, granting access to his bank account, they wrote.
They also emphasized that the situation is complicated by the fact that fraudsters use a so-called cloaking technique to display two different pages, one for those who click on the paid ad and another for those who visit the website directly (the latter end up on a harmless page).
The phenomenon is not only suitable for undermining trust in online vignette sales, but also for causing significant financial damage, so checking the seller before buying an e-vignette is extremely important, they pointed out.
Only the National Toll Payment Service Zrt., the National Mobile Payment Service Zrt. and their authorized resellers are entitled to online sales, they emphasized.
According to a statement from Voxpay/autopalyamatrica.hu, their customers have informed them that fraudsters are sending offers on behalf of VoxPay for the purchase of discounted motorway vignettes, but Voxpay never does this.
It was reported that the name of the company was probably misused as part of a global cyber attack affecting many platforms, and personal data may have been leaked. Fraudsters can send fake offers in line with this.
Licensed resellers can be found on the website of the National Mobile Payment System Zrt.
(MTI)