When following a certain link on the Mastercard website, visitors will be served online scareware faking a malware infection and trying to sell a cure.
Some years ago, Boon was a popular prepaid credit card supporting Apple Pay. In 2020, the company behind it, Wirecard, went bankrupt. The Boon website has since been abandoned and taken over by someone else.
Mastercard is one of the biggest credit card companies worldwide. On its German website, it features a list of banks that support Apple Pay through Mastercard, and the first entry on this list is Boon.
When a visitor follows that link, depending on the OS in use, the browser goes fullscreen and shows a fake system message reporting a local malware infection. As a solution, the page then tries to sell the user an Avira license, on which the website owner very likely earns an affiliate share.
Mastercard Germany IT department StopIT and head of press Juliane Schmitz-Engels were contacted by Team Spybot on December 3rd, but have not replied so far.
Update from December 14th: after some attempts to follow up by phone, which ended with a receptionist unable to connect us to anyone, the malicious link has now been removed, 11 days after the initial report. Our requests for comment remain unanswered: why does Mastercard have no automatic outbound link checking, why does it take massive contact attempts before Mastercard reacts, and how will Mastercard prevent similar issues in the future?
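One form the automatic outbound link checking asked about above could take, as an added example that is not code from Team Spybot or Mastercard: it flags outbound links whose domain is unregistered or was registered again after an editor last reviewed the link, which is the pattern behind the Boon case. The function names, host names, dates and registration data are constructed placeholders; a real deployment would fill `registrations` from RDAP/WHOIS and reduce each hostname to its registrable domain.

```python
from datetime import date
from html.parser import HTMLParser
from urllib.parse import urlsplit


class LinkCollector(HTMLParser):
    """Collect hostnames of absolute http(s) links found in <a href>."""
    def __init__(self):
        super().__init__()
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        parts = urlsplit(dict(attrs).get("href") or "") if tag == "a" else None
        if parts and parts.scheme in ("http", "https") and parts.hostname:
            host = parts.hostname.lower()
            self.hosts.add(host[4:] if host.startswith("www.") else host)


def audit_outbound_links(html, own_host, reviewed, registrations):
    """Return {host: reason} for outbound links that need a human look."""
    # reviewed: host -> date an editor last checked the link target
    # registrations: host -> creation date of the current registration (assumed
    # to come from an RDAP/WHOIS lookup); None means the domain is unregistered
    collector = LinkCollector()
    collector.feed(html)
    findings = {}
    for host in sorted(collector.hosts):
        if host == own_host or host.endswith("." + own_host):
            continue  # internal link, not an outbound one
        if host not in reviewed:
            findings[host] = "never reviewed"
        elif registrations.get(host) is None:
            findings[host] = "domain not registered"
        elif registrations[host] > reviewed[host]:
            findings[host] = "re-registered after last review"
    return findings


# Constructed sample data: all names and dates are placeholders.
PAGE = ('<a href="https://www.partner-a.example/pay">A</a>'
        '<a href="https://partner-b.example/">B</a>'
        '<a href="https://lapsed.example/">C</a><a href="/kontakt">Kontakt</a>')
REVIEWED = dict.fromkeys(
    ["partner-a.example", "partner-b.example", "lapsed.example"], date(2019, 5, 1))
REGISTRATIONS = {"partner-a.example": date(2015, 3, 9),
                 "partner-b.example": date(2021, 8, 20),  # changed hands
                 "lapsed.example": None}

if __name__ == "__main__":
    print(audit_outbound_links(PAGE, "site.example", REVIEWED, REGISTRATIONS))
```

Run on a schedule against every published page, a check like this turns an expired partner domain into a ticket for the web team instead of a report from an outside party.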