drjon: ScamWatch

his wholiness the rev drjon (

drjon) wrote,
@ 2008-05-30 10:37:00

ScamWatch
This just came down the Wire. It's worth passing one...

LATEST SYDNEY CREDIT CARD SCAM

This one is pretty slick since they provide YOU with all the information, except the one piece they want.

Note, the callers do not ask for your card number; they already have it. This information is worth reading. By understanding how the VISA & MasterCard Telephone Credit Card Scam works, you'll be better prepared to protect yourself.

One of our employees was called on Wednesday from 'VISA', and I was called on Thursday from 'Master Card'. The scam works like this: Caller: 'This is (name), and I'm calling from the Security and Fraud Department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in Arizona?'

When you say 'No', the caller continues with, 'Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?'

You say 'yes'. The caller continues - 'I will be starting a Fraud investigation. If you have any questions, you should call the 1-800 number listed on the back of your card (1-800-VISA) and ask for Security.

You will need to refer to this Control Number. The caller then gives you a 6 digit number. 'Do you need me to read it again?'

Here's the IMPORTANT part on how the scam works. The caller then says, 'I need to verify you are in possession of your card'. He'll ask you to 'turn your card over and look for some numbers'. ; There are 7 numbers; the first 4 are part of your card number, the next 3 are the Security Numbers' that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him. After you tell the caller the 3 numbers, he'll say, 'That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?' After you say No, the caller then thanks you and states, 'Don't hesitate to call back if you do', and hangs up.

You actually say very little, and they never ask for or tell you the Card number. But after we were called on Wednesday, we called back within 20 minutes to ask a question. Are we glad we did! The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of $497.99 was charged to our card.

Long story - short - we made a real fraud report and closed the VISA account. VISA is reissuing us a new number. What the scammers want is the 3-digit PIN number on the back of the card. Don't give it to them. Instead, tell them you'll call VISA or Master card directly for verification of their conversation. The real VISA told us that they will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you?re receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually file a fraud report.

What makes this more remarkable is that on Thursday, I got a call from a 'Jason Richardson of Master Card' with a word-for-word repeat of the VISA scam. This time I didn't let him finish. I hung up! We filed a police report, as instructed by VISA. The police said they are taking several of these reports daily! They also urged us to tell everybody we know that this scam is happening.

Please pass this on to all your family and friends. By informing each other, we protect each other.

(Post a new comment)

sjl
2008-05-30 12:50 am UTC (link)

I have a very simple policy.

If somebody calls to ask about my financial details, I ask whom they work for. I ask for their names. I ask if they can be reached through the regularly published number (either in the white pages, or on the appropriate website.) I then say, "Right. I will call you back, and we will then talk about whatever it is you wish to talk about."

If they can't be reached through the regular number, I ask if they can place a note on my file about whatever it is they're calling about, and I'll discuss it with the call centre on the regular number.

I've been called twice by my mortgage provider about various minor details, and while they've been a bit surprised by my requests, they've been more than happy to comply. If you get any pushback - any pushback - be wary.

Stay polite, but don't budge. Do not supply any information to an unsolicited caller. Verify that they are indeed who they say they are first. Do not take no for an answer; if they're legit, they won't mind. If they are legit and do mind, call the bank's management chain into the discussion. If the bank management doesn't appreciate your concerns, change banks.

(Reply to this)

sclerotic_rings
2008-05-30 12:59 am UTC (link)

Ah, that brings back memories. At my last job, I worked for a phone center for a company that handled electronic payments for utility companies, and we had all sorts of scampigs calling up who thought we were dumber than they were. Although I knew for a fact that any bank issuing a credit card will NEVER give out that Card Validation Number, nor ask for you to verify it (I'm not sure about Australia, but in the States, anyone calling a bank to get a number that's worn off the back of a card gets a new card issued for his/her trouble), I'd get at least one call a week from some hillbilly in South Carolina telling me "Mah baynk tole me to call YEW to get muh numburr." Uh huh.

(Reply to this)

forwrathandruin
2008-05-30 01:08 am UTC (link)

Yeah. Definitely approve of this PSA.

The SID number on the back of a credit card basically contains every little bit of data that the company has on you, more or less. It's the key that turns the lock.

Working at a major retailer, I occasionally take ship-to-home orders, which require credit card information on the form itself. Once in a while I get a customer who refuses to give me this SID number, getting very upset since they know what it's for and don't trust me with it. I don't get offended at this at all - they're just protecting themselves.

I tell them I have a slot to fill out with it and hand *them* the form, allowing them to do it themselves and fold it up, at which point I place it in the cashier's till without looking and offer to have a manager confirm that I don't have a key to it. This is usually enough to mollify them.

(Reply to this) (Thread)

sclerotic_rings
2008-05-30 02:04 am UTC (link)

You have the right idea. At my old company, if a customer called to complain about our automated system asking about that number, I'd apologize and explain "If you don't feel comfortable giving out that information, don't give it out. I understand completely." I also spent a lot of time with calls from cardholders asking why a payment for, say, Georgia Power was on their cards, and the first thing I'd ask would be if someone had access to the card, because the payment made required the SID number to complete it, and only someone who'd either held the card or received the information from someone who'd had the card would have access to it.

(Admittedly, I had a few WTFs as well. One of our biggest clients was a huge prepaid phone service based in Miami, and we did everything we could to control card fraud, but we still had to clean up a lot of messes. We had the usual cases of "friends" or relatives stealing card information and using it to pay for their phone service, and I had one twit who discovered that her service was turned off because the guy she fucked to get him to pay for her monthly bill had used a stolen card. However, the most obstinate ones were the people whose kids had a phone through this company, found a strange charge made at 3:30 in the morning that amazingly corresponded to their kids' phone numbers, and couldn't figure out how it happened. With one, she was so certain that someone else had stolen her card information and made a payment to her daughter's account to pay for ringtones in order to get her in trouble that I wanted to ask "And if your daughter gets pregnant next week, are you planning on naming your grandson 'Jesus'?")

(Reply to this) (Parent)

	thebellman 2008-05-30 01:20 am UTC (link)
	slick scam. I would say it's close to infallible. (Reply to this) (Thread)

	brucenstein 2008-05-30 02:26 am UTC (link)
	My first thought, too. Very smart. (Reply to this) (Parent)

	delwyn 2008-05-30 02:09 am UTC (link)
	This isn't a new scam - I've been seeing that same notice for a few years now. That's not to say that some people aren't aware of it though ;) (Reply to this)

	bell_man 2008-05-30 09:05 pm UTC (link)
	I have to say that the presentation of this had the ring of an urban legend, but it sounded plausible. Interestingly enough, it's true. (Reply to this) (Thread)

	drjon 2008-05-31 01:13 am UTC (link)
	To be honest, it set off every one of my "not an urban legend" bells. (Reply to this) (Parent)

Username:		Create an Account Forgot your login? Login w/ OpenID
Password:
	Remember Me
	English • Español • Deutsch • Русский…

About

Help

Get Involved

Legal

Store

LJ Labs