Andorra Police Probe Fake Firm Cloning Cards via POS Terminals

Andorra police are investigating a suspected fake investment firm accused of cloning bank cards—both credit and debit—using point-of-sale terminals from legitimate businesses, leading to unauthorized purchases by tourists and residents.

Victims have reported multiple incidents in recent days. A Spanish visitor discovered his Platinum card had been duplicated during a planned transaction, prompting him to return home immediately to resolve the issue. Local reporting confirms at least four cases, including a resident woman who identified a 600-euro online charge she did not authorize. After filing a police report, her bank denied insurance coverage, citing exclusions for internet purchases.

Authorities believe the operation involves a foreign investment company registered with false details, possibly operating from a low-cost coworking space to limit expenses. The group allegedly employs advanced technology and multiple POS terminals to copy card data onto blank plastics, enabling quick fraudulent transactions or cash withdrawals before victims detect the activity and block their cards. While a Spanish base remains a remote possibility, cases affecting locals make Andorran involvement far more likely. Cloning typically involves transferring card information for unauthorized charges the holder did not make. Police have provided no further updates.

The investigation coincides with broader declines in fraud complaints. From January to early November, officers logged 27 reports of fraudulent card use—30 fewer than the 57 recorded in 2024—and 458 cases of data misuse, down from 643 the previous year. Most incidents originate abroad, with recent upticks linked to phishing, where victims enter details after receiving deceptive messages or emails impersonating trusted organizations.

Holiday shopping has intensified digital threats, according to Andorra Telecom and the National Cybersecurity Agency (ANC-AD). Phishing and smishing attempts are surging, often masquerading as delivery services, banks, or e-commerce platforms to trick users into clicking malicious links and sharing personal or banking information. "Ghost shops" peddle high-demand items like consoles and toys at unrealistically low prices on temporary websites, while scammers pose as relatives or colleagues requesting urgent gift card codes.

Police urge vigilance: never lose sight of cards in stores and handle them personally; use ATMs alone and inspect for skimmers; businesses must check ID for card payments; opt for secure websites, enable bank notifications, use virtual cards for online buys, and avoid saving card details. Verify suspicious contacts through official channels, and report anomalies to banks or police immediately. Andorra Telecom adds: stick to known sites by typing URLs directly, enable two-factor authentication, and keep devices updated.