Fraudsters expand into telephony

By on February 1, 2004, 6:18 AM
Just read this news over at [URL=http://www.netcraft.com/]Netcraft[/URL] and it feels important enough to warrant news coverage, attached in the comments below you will find the whole post on Netcraft, basically Fraudsters are not only attacking web-based banks, but now also via phone...

Remember: No one will ever ask you your password or number associated with anything, be it e-mail, bank cards, online banks like Citibank Paypal etc etc!




User Comments: 7

Got something to say? Post a comment
Per Hansson said:
[COLOR=royalblue]Further evidence of the financial rewards presently available from phishing is that fraudsters can afford the time and labour of making the attacks by phone rather than being constrained to electronic mail. A mail we received continues the story. My husband was called on Wednesday by "VISA" and I was called on Thursday by "MasterCard". It worked like this:Person calling says, "This is Carl Patterson (any name) and I'm calling from the Security and Fraud department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card. Did you purchase an Anti-Telemarketing Device / any expensive item for 497.99 from a marketing company based in 'Anywhere'?"When you say "No", the caller continues with, "Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from 297 to 497, just under the 500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?"You say, "Yes".The caller continues . . . "I will be starting a fraud investigation. If you have any questions, you should call the 0800 number listed on your card and ask for Security. You will need to refer to this Control #". Then gives you a 6 digit number, "Do you need me try read it again?" Caller then says he "needs to verify you are in possession of your card. Turn the card over. There are 7 numbers; the first 4 are 1234 whatever, the next 3 are the security numbers that verify you are in possession of the card. These are the numbers you use to make internet purchases, to prove you have the card. Read me the 3 numbers."Then he says "That is correct. I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions? Don't hesitate to call back if you do." You actually say very little, and they never ask for or tell you the card number. But after we were called on Wednesday, we called back within 20 minutes to ask a question. Are we glad we did! The REAL VISA security department told us it was a scam and in the last 15 minutes a new purchase of 497.99 WAS put on our card. Long story made short, we made a real fraud report and closed the VISA card and they are issuing a new number. What the scam wants is the 3-digit number and once the charge goes through, they keep charging every few days. By the time you get your statement, you think the credit is coming, and then it's harder to actually file a fraud report.REMEMBER: THE REAL VISA REINFORCED THAT THEY WILL NEVER ASK FOR ANYTHING > ON THE CARD (THEY ALREADY KNOW EVERYTHING ABOUT US)!!!! What makes this more remarkable is that on Thursday, I got a call from "Jason Richardson of MasterCard" with a word for word repeat of the VISA Scam. This time I didn't let him finish. I hung up. We filed a police report (as instructed by VISA), and they said they Are taking several of these reports daily and to tell friends, relatives and co-workers. PASS IT ON![/COLOR] [URL=http://news.netcraft.com/archives/2004/01/30/phishers_e
pand_into_telephony.html]Original story: Netcraft[/URL]
Masque said:
Just cut and pasted this thing into Word and am posting it up near our phone for my wife. Thanks for this info.....it's invaluable. Keep it up guys. :grinthumb
---agissi--- said:
Yeah techsupport for games wont even ask you for your cdkey ;) I want to know how they charge the money to your card with only 3 of your numbers.
Masque said:
[quote][i]Originally posted by ---agissi--- [/i]Yeah techsupport for games wont even ask you for your cdkey ;) I want to know how they charge the money to your card with only 3 of your numbers. [/quote] They've actually already got your number but there are three digits after your main number that are actually a security key. Most of your major retail websites will only charge to your card if you input that key. Latest in an ever-growing security trend.
---agissi--- said:
I was referring to the fraudsters, how do they charge stuff to your card with only the 3 keys. If you were saying they have your key already, how in the world did they get it?
Masque said:
God only knows.....could've been a hack to a database, but if you read above...."Caller then says he "needs to verify you are in possession of your card. Turn the card over. There are 7 numbers; the first 4 are 1234 whatever, the next 3 are the security numbers that verify you are in possession of the card. These are the numbers you use to make internet purchases, to prove you have the card. Read me the 3 numbers." ....I get the distinct impression that it's the caller that's reading the first seven numbers.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.