Your Security 101
We know safety can be a bit of a dull topic - but we try to keep it entertaining. Because it's always super important. So here's a different kind of security blog: first, we'll give you tips on how to memorize your security manifesto while having a little fun. Second, we'll play a game of «What if you gave away your bank details?» and give you three hair-raising answers to it. We'll close with three stories about «Petra, the Post office and Phishing», «Carl, Cash and Credits» and «Robert, Return and Robotrading».
To make sure you don't fall asleep after the first line, here are a few ideas on how you could read your security manifesto: Have a rap battle with your friends - whoever can rap it the fastest without making any mistakes gets a free dinner. Read the manifesto like a football commentator when a goal is scored. Or read it in a dramatic tone to your plants - we don't guarantee a reaction.
Your security manifesto
- Don't give your information to anyone. No one at all. Not even to your pet mites or cacti. And especially not to people who have asked you to open a neon account in exchange for something like a loan.
- Only enter your login code, contract number or transaction PIN in the neon app. Nowhere else. We'll never ask you for it by phone, email or text message.
- Choose safe codes and don't use the same codes for different services. We know your first email address seems like a great choice for a code, like «fitgirl1991» or «sunnyboy1994». No. (This isn't a security tip, but please change your email if you still have a name like that, it's 2021 after all).
- Only give your card details to trustworthy providers. When paying online, check the merchant and amount before approving the payment. And don't just click on links when an email or text message asks you to make a payment. If you're worried you've entered card details on a rogue site: As a precaution, block your card in the app until we've cleared the matter with you.
- Check the sender and do not send sensitive info via email: Every communication from us comes from an email address that ends in neon-free.ch. This means our emails do not end any other way. If you are not sure if an email from neon-free.ch is from us, ask us at service_at_neon-free.ch - and never send sensitive content like your credit card number via email.
Of course, we also do a lot on our side to protect you, for example from phishing. You can find out why your money is safe with neon here. And why we have carried out a so-called «pentest» and what that means, you can read here.
«What if...?» Three scenarios
With your new security manifesto, that won't happen to you. But let's go through together what could happen if you share your data.
Scenario 1: Criminals use your bank details to steal money from you. To do this, they use the login code and transfer PIN they received from you and transfer your money somewhere else. Money that, in the worst case, you will never see again.
Scenario 2: Criminals use your bank details to steal money from others. It works like this, for example: The criminals place a fake ad for a barely used iPhone for the «bargain» price of 200 CHF on platforms like Tutti or Ricardo. Someone can hardly believe his/her luck and transfers the amount before he/she receives the iPhone - because your details are given as beneficiary and a Swiss IBAN looks reputable. The scammers forward the money as soon as it arrives on your account - and of course «someone» doesn't receive an iPhone. And you are involved in fraud and possibly even money laundering (see next point).
Scenario 3: Criminals use your bank details to launder money. Money laundering means nothing else than that your account is used to move criminally earned money. To be more specific: the fraudsters transfer money to your account, and you forward it under false assumptions to the fraudsters at home or abroad - this makes you a so-called «money mule». Even if you do it unconsciously, you may be liable to prosecution.
You think to yourself: «This can never happen to me, how can I be fooled?» The scammers often proceed very cleverly and always find more cunning ways to deceive you. That's why we have listed three well-known scams here:
Petra, the Post Office and Phishing
Petra receives an e-mail from the post office or DHL. It says that there is a problem with the shipping of her package because she still has to pay an outstanding amount of 2.99 CHF. «Did I order something on Zalando again? It's possible», Petra thinks to herself and clicks on the link sent to her and enters the details of her neon card.
As you can imagine: The email is not from the post office or DHL, it just looks like one. Like fishermen do with bait on a hook, the scammers have managed to elicit Petra's card details under the clever pretext of a package. Hence the name phishing. Not only does Petra not get back the 2.99 CHF she transferred, but the scammers can continue shopping with the revealed info and deposit Petra's card with Google, Samsung or Apple Pay on their smartphones. This way for examples how you can recognize it and not fall for it.
Carl, Cash and Credits
Carl is in money-trouble right now and is looking for a loan on the internet. He comes across a Facebook group where private loans are offered. Or he is contacted directly by a private person in this regard. It looks uncomplicated and it says you'll get the money quickly. Just one more thing before he gets the loan: Carl has to pay a «fee», provide a photo of his ID, and open an account at a bank (like neon) to receive the loan. Carl is happy that he got support so quickly, transfers the money, sends photos of his ID, and opens a bank account.
And again: Carl will never see the money again, of course. But that's just the beginning: the scammers can use the ID photos to trick more victims with the personal loan by stealing Carl's identity to portray him as a reputable lender. Or they may even get Carl to provide the login and transfer details for his neon account so they can use his account for money muling. And Carl unexpectedly has criminal charges on his hands in the context of money laundering. Not knowing often (unfortunately) does not protect!
Robert, Return and Robotrading
Robert has been thinking about investing for a while. While researching, he came across an investment offer from a neobank called neon (!), which promises 1.5% returns per month with the help of robotrading. (We can't wait for the second paragraph here, that's not us - neon doesn't have its own robotrading offers!) Robert gets a contract, signs it, and deposits 500 CHF into a legitimate-looking trading account where he can log in and see his transferred amount. And sits back to wait for his return at the end of the month.
As already said: neon has no own robotrading offers! And we also do not provide any product or sales advice by phone. And Robert’s account is 500 CHF lighter. So the scammers misuse neon’s name and part of our the corporate identity like the logo to get people such as Robert to make a transfer and steal money from them. Note: You can find our real offers in the app under «Benefits» - if the offer is not listed there, it is not from us.
If you are unsure or notice something strange: Ask us at any time or report it via e-mail to service_at_neon-free.ch. Or call us - you can find the phone number in your profile tab at «contact neon».
What's your security manifesto again? Don't give your information to anyone. Really no one. Not even to your pet mites... (if you don't know it by heart yet - go back to the beginning).