- A Bernese father (34) lost 40,000 francs in a phishing attack via the Ricardo platform.
- “Tiago”, a fake buyer, tricked him into entering his bank details on a fake site.
- The bank denies liability because the man enabled the two-factor authentication himself.
On the Ricardo platform Used or new goods are easy to get hold of, although they are sometimes expensive. A man (34) from Bern published one on a Friday at the beginning of March Advertisement for a pair of shoes.
Two days later, on Monday, the family account was empty except for 8 francs. The Bern family lost 40,000 francs and became victims of criminals like that “Berner Zeitung” reported.
A buyer named “Tiago”
After the ad was published, a buyer named “Tiago” quickly came forward. He also wanted to communicate via WhatsApp.
“Tiago” asked the man if he could send him the shoes by post at his own expense. He also suggested using a bank transfer via the Ricardo app to pay. To do this, “Tiago” asked the Bernese resident to provide his email address so that “the link for tracking the shipment” could be sent. Shortly afterwards, the Bernese resident received a phishing email: “Please click here to receive the money.”
Have you ever experienced a fraud attempt when buying or selling online?
In just a few clicks in your bank account
This is how the criminals received all the important information: the data was intercepted by an intermediary attacker and at the same time entered into the real website of his bank. In this way, the two-factor authentication that banks use could be outsmarted. In just a few clicks, the fraudsters had access to his entire bank account.
“Everything was gone except for 8 francs”
Spread over two days, 40,000 francs flowed to Brussels, Germany and Vienna via debit card purchases and international transfers. The following Monday, the Bernese man’s wife was no longer able to pay a bill. “Everything except 8 francs was gone, you lose the ground under your feet,” said the Bernese.
“I’m ashamed of my mistakes.”
The man filed a police report. But the bank rejected liability because the Bernese citizen himself had approved two-factor authentication. “Looking back, of course, I see everything I did wrong and I’m ashamed of my mistakes,” said the Bernese father.
Criminals usually don’t know each other personally
The perpetrators are usually networked groups that operate abroad, Bernese cybercrime prosecutor Marcel Meier told the BZ. “The actors often don’t know each other personally, but only from online traffic,” said the public prosecutor.
Activate the Bern Push now!
Only with the Bern Push of 20 minutes can you get the latest news from the Bern, Freiburg, Solothurn and Valais regions delivered to your cell phone at lightning speed.
This is how it works: Install the latest version of the 20 Minutes app. Tap on “Profile” at the bottom, then on the “Settings” gear and finally on “Push notifications”. Select the topics you want here. Voila!
Fabienne Gnos (fgn), born in 2002, started her internship in the Bern department in February 2026.
