📝 Phishing after registering on Payoneer

Funny how it works.

So I have a Payoneer account to accept payments from around the world for my services. Payoneer is neatly integrated with local bank withdrawals. Super convenient, although the fees might be a bit steep.

The mobile app is slightly buggy, but that’s not the worst part.

What I observed over time can be best described as a full-blown phishing offensive. Some nerve.

A day or so after completing my registration, I started getting emails from someone claiming to represent Payoneer, asking me to reply with sensitive information on my business activities. Well, it seemed pretty plausible, except I had already provided similar information on the Payoneer site during registration. Oh and apparently, and should I not reply back to the email, my account would be suspended. Which of course never happened.

Then, a few days later, after ignoring daily phishing emails, I got an SMS. And boy, was it the SMS.

It went something like this:

You are about to purchase [X amount] of crypto on [crypto exchange Y] using funds from your Pyoneer account. Around 3k+ USD. If you don’t recognize the transaction, use this link.

Which I never used or clicked for that matter. Not to mention, I didn’t have 3k USD in the account to begin with.

After ignoring the SMS, the daily emails stopped for a while. However, a week ago, the emails started again.

Yay.

I’m just technically puzzled as to when exactly my personal contact details from Payoneer were leaked to or stolen by malicious actors.

Had I been any less tech-savvy, I would’ve certainly clicked something or engaged with these characters.

Stay vigilant, folks!

These charades get more sophisticated by the day.