New telephone scam to be aware of

[Convert3]

On another forum I belong to, someone posted this caution about a new telephone scam to be wary of:
“A colleague of mine told me a scary story today. He was part of the equifax breach a year or two ago. Apparently his username for his online bank was compromised. They somehow also got his cell phone number, don’t know if that was from the breach or if they had to look it up.

Yesterday while in a noisy restaurant he got a phone call from his bank (spoofed caller ID) and they told him that they were looking at what appeared to be fraudulent charges on his account. They asked him to verify a few transactions (all made up of course and none matched anything he’d purchased recently). Since there were several phony charges on the account they told him that his account had been compromised and that they would have a new card sent out to him via fedex. In order to validate his identity/transaction they asked him to repeat a code they’d send him via text.

The text came through from his bank and he repeated the number back to them. They confirmed it and said they’d ship a new card immediately.

Once my colleague came home he checked his account - his password did not work anymore. He reset the password thinking that it was part of the fraudulent charges. He set a new password and got the double verification text from his bank and noticed that a few thousand dollars had been withdrawn via wire earlier in the evening.

Apparently their “verification” for sending a new card was for the forgotten password link verification on the website for setting up a new password. Once logged in they started transactions out of the account, starting in $100 increments and then $1,000 transactions.”

 

[DeniseNY]

I’m at a point where I don’t even answer if it’s a number I do not know. If they leave a message I’ll listen to it and decide if it’s legitimate or not.

 

[Joe_5859]

Wow, that’s pretty terrible! I can see how easy it would be to be pulled in by that. And, yes, sites frequently text you a verification code if you are resetting your online password. So they just called and gave a reason for your friend to think he would receive the code, and they gave him a reason to give it to them. Very sneaky!

Thank you for sharing.

 

[Tis_Bearself]

Bottom line is if anybody calls you on the phone asking for anything to do with any account you have, or emails you, don’t tell them anything, don’t click on anything.

Hang up and call your bank directly. Banks do not call asking for this stuff.

 

[lilypadrees]

Since your colleague had been the victim of a scam before, he should have phoned his bank directly (they usually have a toll free number) to dispute these alleged fraudulent charges. He could’ve said, “I can’t talk now,” hung up and later, checked the number via search engine. That’s what I do with any number that’s unfamiliar. I don’t take anyone’s word that they’re from whatever they claim. The scams come up very quickly in the search engines.

 

[Mary888]

Hang up and call your bank directly. Banks do not call asking for this stuff.

Yes this. All the banks I work with have both my email and phone number as ling as the home address. If they have a problem they usually send an email or send a written letter.
Password resetting is done through email.
Whenever the bank called is for new services that I may want. Never give a password away by phone.
Sorry for the OP friend.

 

[Sarcelle]

Same here.

 

[ZMystiCat]

I’m at a point where I don’t even answer if it’s a number I do not know.

Yeah, I listen to the message and call back the alleged organization. I’ve gotten a couple legitimate calls, but most are scams. A general rule is that the more threatening they are, the more likely that they are a scam. I’d expect them to change, but considering they’re often spoofing numbers, I’m guessing that their whole system is designed to take you off guard with a serious threat, considering a “call back” will go to the actual owner of the number.

 

[Sarcelle]

I know some people whose phone numbers have been spoofed.

They keep getting a lot of calls from irate people asking them why they keep calling all the time. Fact is they didn’t. Probably someone from overseas.

 

[Sarcelle]

I have had someone from Microsoft Support call me and tell me that my Windows PC has notified them of a problem.

I don’t have a Windows PC or laptop.

They hung up so fast.

I was lucky. I hear they can get abusive.

 

[ZMystiCat]

Probably someone from overseas.

Yeah, unfortunately, given how many of these scammers are from India, it’s just adding to some already negative stereotypes surrounding Indians. Sure, even if it only makes up a very small percentage of Indians, that’s sort of the face of India to many Americans and Europeans now.

I have had someone from Microsoft Support call me and tell me that my Windows PC has notified them of a problem.

I don’t think Windows would even do that. Yeah, Windows 10 may send telemetry data to Microsoft, but from what I’ve heard from someone who worked on the Windows team, they don’t look at the received data too granularly. It’s more, “Hey, why are only 2% of customers using Edge!”

I do get a chuckle, though, out of how this line could probably fool a privacy nut just as much as grandma, but while grandma may talk to them, the privacy nut would probably do this:

I was lucky. I hear they can get abusive.

There’s a guy on YouTube called Kitboga who just wastes their time. Needless to say, the reactions can range anywhere from childish to abusive.

 

[Convert3]

I once received a spoof call from someone who used my own number. Needless to say, I didn’t answer.

 

[Sarcelle]

Yeah got the same thing.

Also I got calls from the IRS or so they claim.

Got calls from the Social Security Administration or so they claim.

This is why I don’t answer my phone anymore if I don’t recognize the number.

There’s scammers all over the place.

 

[Joe_5859]

This is why I don’t answer my phone anymore if I don’t recognize the number.

Same here. For me, it has been an unintended blessing that my cell phone’s area code is not local to where I live. If I receive a phone call from the area code I reside in, it’s generally legitimate—a doctor’s office reminder, or a store asking me to pick up my online order. If I receive a phone call from the same area code as my phone number, it is never legitimate. It makes it easier to screen calls. Of course, even with the legitimate calls, if it’s a number I don’t recognize, I still let it go to voicemail unless I am expecting a call.

 

[Sarcelle]

Yes same here

If I get a call with my phone’s area code I don’t answer it.

Voice mail can take care of it.

 

[MrZoom]

I once received a spoof call from someone who used my own number. Needless to say, I didn’t answer.

I’ve never gotten a spoof call that appeared to come from my own number, but I have gotten numerous calls that spoofed my exchange (the first three numbers of the seven-digit number after the area code).

 

[StephieNorthCo]

That’s why I answer calls with things like “Concrete Clock Works. We’re here to give you a hard time.”

Or

“We charge for phone calls. Please have your credit card number ready.”.

 

[Convert3]

Yes, I get two or three a day between my house number and my cell number that are like that.

 

[Convert3]

That’s why I answer calls with things like “Concrete Clock Works. We’re here to give you a hard time.”

Or

“We charge for phone calls. Please have your credit card number ready.”.

Most of the calls are robocalls, so this only activates them and they know a human answers. Probably best to not answer or answer and not say anything.

 

[StephieNorthCo]

True, but mostly the activation occurs on the second recognition of “hello”; sometimes the first “hello”.