Clever scam on credit/debit cards

Angilion · 19 Jan 2009 at 19:54

I saw a warning in a forum today, so I checked it out because so many of these warnings are fake. This one isn't, according to Snopes. It's a smooth scam to get you to give the thieves the 3-digit security code from the back of your card, which can't be obtained other than from the card itself.

http://www.snopes.com/crime/warnings/creditcard.asp

Glaucus · 19 Jan 2009 at 19:56

You would be stupid to fall for that....

Never ever tell anyone anything if they have contacted you. Listen to what they say. Put the phone down and phone the bank from a known number.

Grimley · 19 Jan 2009 at 20:04

The credit card companies already know your card details, so when someone phones you (whoever they are) & asks for them, anyone with a smidgeon of common sense should be suspicious, hang up & report it.

Rainmaker · 19 Jan 2009 at 20:07

Companies themselves don't do much to help reinforce defences against this type of scam, though. For example, Sky and BT (to name just two) are bad for this. They cold-call you (the customer) along the lines of:

BT: Good evening can I speak to (the account holder) please?
Me: Speaking.
BT: We're just giving you a quick courtesy (read: sales) call. We noticed your calls are router via another provider (Sky Talk) at the moment, and wondered if you've seen the new rates BT are offering blah blah blah?
Me: Sure. Can you please confirm the full address and postcode related to my account? And now my account number, the amount of my last monthly direct debit to you, my date of birth and the third and sixth letters of my password, please?
BT: Um, we don't have access to that information.
Me: So how do I know you're calling from BT? You're wanting me to hand over payment information here.
BT: How do you know we're from BT? Well, I told you when you answered the phone.

sbi5ar · 19 Jan 2009 at 20:17

Rainmaker said:
BT: How do you know we're from BT? Well, I told you when you answered the phone.

haha classic

CliffyBiro · 19 Jan 2009 at 20:20

Rainmaker said:
BT: How do you know we're from BT? Well, I told you when you answered the phone.

Haha!

That's the sort of line I use when customers start getting sarky with me.

MiNxYyY · 19 Jan 2009 at 20:20

Must be a noob to hand details over the phone like that.

Rainmaker · 19 Jan 2009 at 20:23

skippi90 said:
Haha!

That's the sort of line I use when customers start getting sarky with me.

Not when you're cold calling them asking for payment information though, I hope!

Burnsy2023 · 19 Jan 2009 at 20:23

Rainmaker said:
Companies themselves don't do much to help reinforce defences against this type of scam, though. For example, Sky and BT (to name just two) are bad for this.

That is shockingly bad IT security. If they did that to me I'd complain.

sbi5ar · 19 Jan 2009 at 20:26

Vodafone is bad for this, just calling up and asking to prove who you are.....

It becomes a pain in the bum when you get loads of calls from random people randomly telling you your contract is coming to an end, which when you reply no it isn't, they ask oh, well who are you with and when is it ending, to which i hang up (i prob shouldn't of said it isnt ending)

not had those calls for a couple of years now

Burnsy2023 · 19 Jan 2009 at 20:30

Has anyone read a Kevin Mitnick book? Especially the Art of Deception? This is one of his key tools to get confidential information. By having a limited amount of authentic information you gain credibility to get information you don't possess.

Voda, BT and others should be ashamed of themselves.

platinum87 · 19 Jan 2009 at 20:30

thats not new, people began this as soon as 3 digit codes were required on the internet, back in the day when just a cc number would work

gumbald · 19 Jan 2009 at 20:32

The joys of social engineering.

Burnsy2023 · 19 Jan 2009 at 20:33

gumbald said:
The joys of social engineering.

Indeed, a SE attack is difficult to defend against as it is without confusing people.

gumbald · 19 Jan 2009 at 20:34

Computers will never be safe while humans are involved. Replace all the humans.

Glaucus · 19 Jan 2009 at 20:35

Burnsy2023 said:
Voda, BT and others should be ashamed of themselves.

HSBC is very bad, especially and ironically, there fraud centre.

If you phone back the bank they can't tell you whats happening and say you shouldn't ignore the fraud call. WTF.....

Dave M · 19 Jan 2009 at 20:48

It's simple, if your bank calls you asking for information you have to give it to them, otherwise they can't prove it's really you.

If anyone else calls you pretending to be your bank don't give them any information it's a scam.

My bank hasn't explained how I tell the difference yet but as far as I can see it's good advice so far

Glaucus · 19 Jan 2009 at 20:49

Telescopi said:
It's simple, if your bank calls you asking for information you have to give it to them, otherwise they can't prove it's really you.

what, that's silly. how do you know it's the bank..

gumbald · 19 Jan 2009 at 20:51

They should give you their credit card details to prove it.

bubblebobble · 19 Jan 2009 at 20:58

I recently had an indian lady (for now) call me and tell me I needed to make a payment of 6.50 immediatly or our lines would be cut off.
This sent bells ringing as Bt would never do such a thing , she said she could take payment now by credit/debit card.
I told her bills were paid but 1 month earlier; she tried to scam me more but I turned the tables on her and asked to speak to her superior and to give me my account number.
She hung up............
Thing is so many people would have been scammed with that as it was such a small amount and rememebr most of bts call centres are in the east.
B****Ds