原标题：新骗局！冒充"保密局"工作人员，专骗微信、支付宝用户，快转给家人提个醒~ 本周二，微信安全中心发布的一篇公告引发关注。今天，"保密观"与你一起，从安全保密角度了解这则 新闻。 "关闭免密支付"新骗局 12月16日，微信安全中心在《微信免密支付功能不收费！》一文中表示，近期，诈骗分子冒充"保密 局""网银后台""平台客服"等工作人员，通过陌生电话联系受害人，谎称其微信、支付宝等平台的"免密 支付"功能已开通或关联了自动扣费服务，若不关闭将连续扣费。 随后，引导受害人访问指定网址，下载具有屏幕共享或远程控制功能的恶意软件。一旦安装，诈骗分子 便可远程操控受害人手机（常出现黑屏），并诱导其进行刷脸认证、输入银行卡密码、短信验证码等关 键操作，从而盗转账户资金。 图片来源于"微信安全中 心"微信公众号 在微信安全中心提到的案例中，用户A接到自称"银监会保密局工作人员"的电话，称其微信、支付宝免 密支付功能关联的保险即将自动扣费，需立即关闭。用户按指示下载一款视频共享软件后手机黑屏，在 对方引导下完成刷脸认证，随后发现银行卡内49万余元被转走。 "保密观"有话说 面对"关闭免密支付"此类骗局，我们需要注意以下几 ...

Regulatory Dynamics - The China Payment and Clearing Association has issued an initiative to strengthen the security management of "no-password payment" services, advocating for the prohibition of default activation and the provision of limit management features [2] - Following the implementation of the "Assisted Loan New Regulations," licensed consumer finance institutions are required to reduce the average comprehensive financing cost of newly issued loans to 20% or below starting from Q1 next year, which may pressure the consumer finance and assisted loan sectors [2] Industry Dynamics - The commercial auto insurance for new energy vehicles in China has surpassed 100 billion yuan for the first time, reaching 108.79 billion yuan, with a year-on-year growth of 36.6% [4] - The penetration rate of new energy vehicles reached 58% in September, with the commercial insurance coverage rate at 91% for the first nine months of the year, indicating a strong growth trajectory in this sector [4] Corporate Developments - Industrial Bank has established a financial asset investment company with a registered capital of 10 billion yuan, focusing on non-bank financial services [5] - Changshu Bank has appointed a new executive team, including a notably young president born in 1986, setting a record for the youngest president of a listed bank [5] - Ma Shang Consumer Finance plans to transfer over 1.8 billion yuan in personal non-performing loans, with an average overdue period exceeding 1800 days [6] - Xinyu Consumer Finance has released six batches of non-performing loan transfers totaling over 2.6 billion yuan, indicating a significant focus on asset disposal [6] - China Bank Consumer Finance has announced changes in its senior management, with new vice presidents expected to enhance business expansion and risk management [6] - Tencent's Q3 report shows a 10% year-on-year increase in revenue from its financial technology and enterprise services segment, driven by strong growth in commercial payment activities and consumer loan services [7][8]

Core Points - Recent reports indicate a surge in Apple ID theft incidents, with users losing amounts ranging from hundreds to thousands of yuan, leading to a significant increase in customer complaints [1][4][5] - The methods employed by fraudsters have evolved, moving away from traditional phishing links to more sophisticated tactics that disguise themselves as legitimate e-commerce sellers [2][5][7] - Many victims were lured into providing their Apple ID and passwords under the pretense of needing to activate low-cost services or products, resulting in unauthorized transactions [3][4][6] Summary by Sections Incident Overview - Users on platforms like Xiaohongshu and Douyin have reported their Apple IDs being compromised, with losses totaling over 4,140 yuan in some cases [1][4] - Affected individuals have formed groups, with membership exceeding 200 within days, indicating a widespread issue [1][4] Evolution of Fraud Techniques - Unlike previous incidents in 2018, current scams are more discreet, utilizing e-commerce platforms to gain user trust [2][5][7] - Fraudsters often request verification codes under false pretenses, exploiting the lack of clear communication from Apple regarding the purpose of these codes [4][7] User Vulnerability - Many victims reported that they were not prompted for additional security measures, such as password input or facial recognition, during unauthorized transactions [4][8] - The reliance on third-party payment tools linked to Apple IDs has created vulnerabilities, as these tools often allow for automatic payments without user consent [7][8] Consumer Protection and Responsibility - The China Consumers Association has noted a significant increase in complaints related to Apple ID theft, with over 3,700 complaints recorded on the "Black Cat" complaint platform [4][8] - Legal experts suggest that both merchants and third-party payment companies may bear responsibility for losses incurred due to fraudulent activities, although victims often face challenges in seeking redress [9][10] Recommendations for Users - Apple representatives emphasize the importance of not sharing account passwords and suggest immediate action if unauthorized transactions are detected [11][12] - Users are advised to regularly monitor their account activity and to be cautious of suspicious links that request personal information [12][13]

Core Points - The article highlights the issue of "ghost deductions" targeting the elderly, where they unknowingly authorize payments through misleading advertisements and pop-ups [2][3][28] - It emphasizes the lack of accountability and support for victims, as many face difficulties in filing complaints and obtaining refunds due to the elusive nature of the fraudsters [4][21][24] Group 1: Nature of the Fraud - The fraud often presents itself as enticing offers, such as "red envelopes" or "cash rewards," which lead to automatic deductions from the victims' accounts [3][15][28] - Victims, particularly the elderly, are misled into believing they are engaging in harmless activities, only to find their accounts debited without their consent [5][15][30] Group 2: Legal and Regulatory Concerns - Legal experts indicate that these practices violate multiple laws, including the Consumer Rights Protection Law and the Cybersecurity Law, highlighting the need for stricter enforcement [4][31][32] - The article discusses the responsibility of online platforms to monitor and manage the activities of merchants on their sites, suggesting that failure to do so could result in shared liability for fraudulent actions [33][34] Group 3: Recommendations for Prevention - Experts recommend that platforms implement robust monitoring systems to detect and block fraudulent activities, as well as establish clear complaint and refund processes for users [32][33] - There is a call for enhanced consumer education, particularly for the elderly, to help them recognize and avoid such scams [30][32]

Core Viewpoint - The incident involving a woman losing 60,000 yuan due to a new type of telecom fraud highlights the hidden and technical nature of modern scams, emphasizing the need for awareness and preventive measures [2][19]. Group 1: How the Money Disappeared - The victim's loss may have originated from a Trojan program that remotely controlled her device, potentially installed through disguised messages or links [3]. - Criminals used the Trojan to obtain sensitive information such as bank card numbers and identification, allowing them to initiate transfers without the victim's active participation [4]. - Exploitation of "no-password payment" features on certain platforms enabled fraudsters to bypass secondary verification, facilitating unauthorized transactions [5]. Group 2: Warning Signs of Trojans - Users should be vigilant for signs such as sudden device lag or overheating, which may indicate a Trojan running in the background [6]. - Automatic redirection to unfamiliar websites or app download pages can signal malicious activity [7]. - An increase in unsolicited SMS verification codes, especially from banking or payment services, is a red flag [8]. Group 3: Emergency Response and Daily Prevention - Immediate actions include disconnecting from the internet to prevent the Trojan from communicating with external servers [9]. - Users should freeze their accounts by contacting their bank or using official apps [10]. - Reporting the incident and preserving evidence, such as messages and call logs, is crucial for police investigations [11]. Group 4: Daily Protective Measures - Avoid clicking on unknown links, even if they appear to come from acquaintances [12]. - Disable small-amount no-password payment options in payment settings [13]. - Regularly scan devices for viruses using reputable security software, particularly for Android users [14]. - Properly wipe data from old devices to prevent information leakage [15]. Group 5: Principles for Identifying Fraudulent Calls - Verify any calls claiming to be from banks or e-commerce platforms by hanging up and calling back using official numbers [16]. - Never disclose sensitive information such as verification codes or passwords, regardless of the caller's persuasion [17]. - Reject calls from suspicious numbers, especially those with international or virtual prefixes [18].