Fraudulent payment scams are frequently reported! Victim binds Foodpanda account and reports a loss of 80,000 yuan

Taiwan’s well-known electronic payment provider “Quan Payment” has recently experienced consecutive incidents of user bank accounts being fraudulently charged, raising public concerns about cybersecurity. According to Public Television News Network, a user posted on Threads, stating that they linked Foodpanda to Quan Payment and set their Yushan Bank account for deductions. As a result, on November 3rd, their phone suddenly displayed over twenty deduction notifications from Quan Payment on Foodpanda, resulting in a loss of more than 80,000 yuan.

80,000 Yuan Fraud Case Sparks Public Outrage Over Blame-Shifting Among Three Parties

According to Public Television News Network, on November 4th, a user posted on Threads, saying they linked Foodpanda to Quan Payment and set their Yushan Bank account for deductions. On November 3rd, their phone suddenly showed more than twenty deduction notifications from Quan Payment on Foodpanda, with a loss exceeding 80,000 yuan. The twenty-plus deductions imply approximately 3,000-4,000 yuan per transaction, possibly indicating that the fraudster ordered大量餐點或商品，並在短時間內連續下單。

The user stated that because the funds were directly deducted from their bank account, Yushan Bank claimed the money had already been transferred out, similar to a transfer, making it difficult to recover. Foodpanda customer support responded that since the fraudster deleted all data, their backend could not find any transaction records. This blame-shifting among three parties is the most frustrating for victims. Each side has reasons to deny responsibility: Yushan Bank believes the funds were legally authorized and transferred, similar to a transfer that cannot be recovered; Foodpanda claims there are no records in their backend to handle; Quan Payment might think it was user account theft rather than a system vulnerability.

The user emphasized that they did not click any suspicious links but are now facing blame-shifting among Quan Payment, Yushan Bank, and Foodpanda. Currently, they can only report to the police. The claim of “not clicking suspicious links” complicates the case further. If the user truly did not disclose their account password, then the fraud could stem from: a system漏洞導致帳號資訊洩露、內部人員竊取用戶資料、第三方平台（Foodpanda）的安全漏洞、或是用戶在不自覺的情況下洩露資訊（例如使用公共 WiFi、手機被植入木馬等）。

After the user shared their experience, some netizens strongly advised avoiding linking any payment tools or automatic deduction services to bank accounts or debit cards; instead, they should prioritize using credit cards. If issues occur, disputes can be filed with the bank. If account linking is necessary, using a low-balance dedicated account is recommended to control risks. This is highly practical risk management advice.

Five Practical Tips to Prevent Fraud

Prioritize linking credit cards: Credit cards have dispute mechanisms, and banks will assist in追討

Avoid linking bank accounts: Direct deductions are like transfers, difficult to recover afterward

Use dedicated accounts: If linking accounts is necessary, use low-balance dedicated accounts

Regularly check transactions: Review deduction notifications daily and handle anomalies immediately

Enable transaction notifications: Ensure real-time alerts for every transaction

Phishing Emails Impersonating System Updates to Steal Personal Data

In addition to fraud incidents, some users reported receiving phishing emails impersonating “Quan Payment App System Update.” After clicking the link and entering personal information, they were immediately fraudulently charged over 20,000 yuan. This type of phishing email scam is one of the most common attack methods in the virtual currency and digital payment fields.

Phishing emails are often crafted very meticulously, using logos, layouts, and wording similar to official communications, making it difficult for users to distinguish authenticity. The content usually creates urgency, such as “Your account will be frozen,” “System upgrade requires immediate update,” or “Abnormal transaction needs verification,” prompting users to click links and input information out of panic.

Once users click on the phishing link, they may be directed to a fake login page. This page closely resembles the real Quan Payment login page, and any account, password, OTP, or other information entered will be intercepted by scammers in real time. With these details, scammers can log into the user’s real account to transfer funds, make purchases, or perform other operations. More dangerously, some phishing sites request users to input bank card numbers, CVV, and other sensitive data, enabling scammers to directly steal from the user’s bank account.

In response, Quan Payment issued a statement on October 31st, noting that recent scams have become increasingly rampant. Unscrupulous individuals impersonate well-known brands, online malls, or financial institutions, creating highly similar “phishing websites” or sending fake promotional links to lure people into entering personal data, OTP, or credit card information, leading to fraud and losses.

Quan Payment emphasizes that official email addresses end with “@pxpayplus.com,” and system updates are only conducted via the App Store or Google Play. They will never request users to click unknown links via email or SMS to update accounts. Recognizing these points is crucial; users should remember and carefully verify any email claiming to be from Quan Payment.

Risks of Digital Payment and Virtual Currency Scams

The frequent fraud cases involving Quan Payment highlight the shared risks in the digital payment and virtual currency scam domains. Although Quan Payment itself is a fiat currency electronic payment tool, not a cryptocurrency wallet, the security issues it faces are similar to those of virtual currency scams.

First, both rely on digital identity verification and online transactions. Once account passwords or private keys are leaked, assets can be transferred instantly and are difficult to recover. Second, both face phishing threats, with scammers impersonating official websites or apps to steal user information. Third, after theft occurs, both face challenges in reimbursement, especially when funds have already been transferred or spent.

Virtual currency scams are even more diverse and covert. Besides phishing websites, they include: impersonating exchanges or wallet apps (uploading counterfeit apps in app stores to trick users into downloading), investment scams (promising high returns to lure investments), airdrop scams (asking users to connect wallets and authorize transfers), and social engineering (pretending to be customer service or project representatives to steal private keys). Compared to Quan Payment, which mainly faces traditional account theft and phishing attacks, the prevention principles are similar.

If users notice any abnormal transactions or suspected account compromise in Quan Payment, they should immediately contact their card-issuing bank and Quan Payment customer support for assistance or report to the 165 Anti-Fraud Hotline. Timeliness is critical; early detection and reporting increase the chances of freezing funds or recovering losses. Many banks and payment platforms have abnormal transaction monitoring systems that can intervene if irregular activity is detected before funds are fully transferred out.

As for the user claiming not to have clicked any suspicious links but still lost 80,000 yuan, the actual circumstances and whether the issue lies with the user, Foodpanda, Yushan Bank, or Quan Payment remain to be clarified after police investigations. Such cases are complex, requiring examination of system logs, transaction records, and whether the user’s phone or computer was compromised. Responsibility cannot be determined until the investigation concludes.

Systemic Challenges in Digital Payment Security

The frequent fraud cases involving Quan Payment reflect systemic challenges faced by the entire digital payment industry. As electronic, mobile, and virtual currency payments become more widespread, assets increasingly exist and circulate in digital form. This convenience comes with heightened security risks.

Traditional cash and physical cards, while also vulnerable, have physical limitations. Thieves need physical access to your wallet or card, and theft may leave physical evidence. Digital assets, however, can be accessed remotely, allowing hackers to intrude into accounts from across the globe and transfer all funds within seconds, often leaving little trace. This amplifies the need for upgraded security measures.

However, security and convenience often conflict. Overly strict security measures—such as requiring multi-factor authentication for every transaction, frequent password changes, or transaction limits—can degrade user experience and cause user attrition. Conversely, lax security increases the risk of theft. Finding the right balance is a challenge all digital payment platforms face.

From a regulatory perspective, Taiwan’s Financial Supervisory Commission enforces strict cybersecurity requirements for electronic payment providers, including regular security assessments, establishing abnormal transaction monitoring systems, and insurance coverage. However, regulation often lags behind technological developments and evolving scam tactics. When new attack methods emerge, regulations may not yet cover them, leaving providers and users exposed.

For users, enhancing cybersecurity awareness is the most effective defense. Avoid clicking unknown links, refrain from entering personal data on unofficial websites, use strong passwords and change them regularly, enable two-factor authentication, and keep software updated. These basic security habits can prevent most attacks. Additionally, regularly review transaction records, stay alert to suspicious activities, and understand common scam techniques for self-protection.

From Quan Payment’s perspective, frequent fraud cases damage brand reputation and user trust. The company needs to take proactive measures, including upgrading security systems to prevent account theft, strengthening user education, streamlining reporting and handling of abnormal transactions, and actively assisting users in追償 when fraud occurs. Only when users feel secure will they continue to use this payment tool.

In the broader context of virtual currency scams, security issues in digital assets and payments will persist long-term. As technology advances, scam methods evolve—from early phishing websites to AI-generated fake customer service, deepfake videos, and social media-based targeted scams. Attackers’ technical capabilities are continually improving. Users, companies, and regulators must continuously enhance their defenses to protect assets in this ongoing cyber battle.

The final responsibility and resolution of Quan Payment fraud cases will set an example for Taiwan’s electronic payment industry. Clarifying responsibility and establishing fair compensation mechanisms will raise industry standards. Conversely, continued blame-shifting and victims’ inability to seek redress could severely undermine user confidence and hinder industry development. This is not only an issue for Quan Payment but a critical matter for Taiwan’s digital finance future.