Overview
- Mexican authorities and national outlets issued fresh alerts on Dec. 17–18 about “Toque Fantasma,” which uses NFC to trigger unauthorized contactless charges.
- Security researchers describe a token‑relay method that captures a one‑time authorization code at close range and retransmits it to complete a separate payment.
- Perpetrators carry portable readers or modified phones in crowded transport, malls and events, often needing less than about 10 centimeters from a pocket or bag.
- A remote variant uses social engineering with off‑store apps that ask victims to tap their card to a phone for “verification,” then forwards the token for fraudulent transactions.
- Recommended defenses include turning off NFC when not in use, using RFID‑blocking wallets or sleeves, enabling real‑time bank alerts, and reporting unrecognized charges to banks and Condusef, with no large bank breach indicated.