Surfing Waves

My issue is how someone can supposedly have your Name, Phone Number, Address and Card Number without direct access to the Credit Card database or at least someone who has access.


Beware!

Credit Card Scam
This one is pretty slick since they provide Y O U with all the information, except the one piece they want.
Note, the callers do not ask for your card number; they already have it. This information is worth reading. By understanding how the VISA & MasterCard Telephone Credit Card Scam works, you'll be better prepared to protect yourself.

One of our employees was called on Wednesday from "VISA", and I was called on Thursday from "MasterCard".

The scam works like this: Person calling says, "This is (name), and I'm calling from the Security and Fraud Department at VISA. My badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card which was issued by (name of bank) did you purchase an Anti-Telemarketing Device for £497.99 from a Marketing company based in London ?" When you say "No", the caller continues with, "Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from £297 to £497, just under the £500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?"

You say "yes". The caller continues - "I will be starting a fraud investigation. If you have any questions, you should call the 0800 number listed on the back of your card (0800-VISA) and ask for Security.

You will need to refer to this Control Number. The caller then gives you a 6 digit number. "Do you need me to read it again?"

Here's the IMPORTANT part on how the scam works the caller then says, "I need to verify you are in possession of your card." He'll ask you to "turn your card over and look for some numbers." There are 7 numbers; the first 4 are part of your card number, the next 3 are the security numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him. After you tell the caller the 3 numbers, he'll say, "That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?" After you say, "No," the caller then thanks you and states, "Don't hesitate to call back if you do", and hangs up.

You actually say very little, and they never ask for or tell you the Card number. But after we were called on Wednesday, we called back within 20 minutes to ask a question. Are we glad we did! The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of £497.99 was charged to our card.

Long story - short - we made a real fraud report and closed the VISA account. VISA is reissuing us a new number. What the scammers want is the 3-digit PIN number on the back of the card. Don't give it to them. Instead, tell them you'll call VISA or MasterCard directly for verification of their conversation. The real VISA told us that they will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you're receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually file a fraud report.

What makes this more remarkable is that on Thursday, I got a call from a "Jason Richardson of MasterCard" with a word-for-word repeat of the VISA scam. This time I didn't let him finish. I hung up! We filed a police report, as instructed by VISA. The police said they are taking several of these reports daily! They also urged us to tell everybody we know that this scam is happening .

Please pass this on to all your family and friends. By informing each other, we protect each other.

Farno wrote:My issue is how someone can supposedly have your Name, Phone Number, Address and Card Number without direct access to the Credit Card database or at least someone who has access.

old statments, slips etc... can build the picture together easily.

This where having a reall fire in your home comes in handy. use all your old statments, things with your full address etc etc on as firestarting material

No genuine credit card company or bank will ever ask you to give out any security infomation over the phone and as such you never need to give out any of that infomation yourself as you have no idea who is on the other end of the telephone no matter what infomation they already have.
Also be aware of key logging. Never use internet banking on a computer other than your own.
A key logger is a device implanted inside a keyboard that loggs all the keys that get pressed and transmits them to another computer.
If you work in a big office personalise your own keyboard so that it can't be exchanged with another similar keyboard without you noticing!

KS

lol

There are suckers everywhere, this is why there are scammers.
If we removed the gullable then there would be no fraud.

If only this was true.

My suggestion is to ask anyone who calls you to veryify who they are BEFORE YOU GIVE OUT ANY INFO and when they can not verify who they are hang up.
Now contact your supplier directly using the numbers that you have on your statement or on the back of your card.

Be warned though many credit card companies like HSBC still call you up to check out potential fraudelant transactions and as they are all Indian call centres nowadays it makes it hard work when you ask them to verify themselfs to you and when you do ask them they say "I am HSBC mr.....", "So bloody veryify yourself then, I say", "tell me something that only you and me know"? etc........

So I call them back on a known number and moan like hell about scammers and the fact that thier business practicies do not allow any form of verification that they are who they say they are when they call me, "But sir I can not do this until you veryify yourself to us"

Does this sound familure? It is time that our financial suppliers sort them selves out and help us to not be scammed.

Rant over.

kitesurfer wrote:No genuine credit card company or bank will ever ask you to give out any security infomation over the phone

They do, at least they did to me last week. They have to make sure they are speaking to the right person.
It can be a bit of a catch 22 really, they have to make sure they are talking to the right person and you have to be sure they are legit.
If ever in doubt do what I did last week when I was phoned by my bank's fraud dept about a dodgy transaction on my card. When you have finished with the phone call give a ring back to check that it was actually your bank that rang - ring via the switchboard number (not a number they left you to ring, it could be any number) - this way you can guarantee that you will be talking to someone at your bank. Check that they actually rang you - they will have the details on you account.

err, I am sure this is what I have just said.

surf patrol wrote:

kitesurfer wrote:No genuine credit card company or bank will ever ask you to give out any security infomation over the phone

They do, at least they did to me last week. They have to make sure they are speaking to the right person.
It can be a bit of a catch 22 really, they have to make sure they are talking to the right person and you have to be sure they are legit.
If ever in doubt do what I did last week when I was phoned by my bank's fraud dept about a dodgy transaction on my card. When you have finished with the phone call give a ring back to check that it was actually your bank that rang - ring via the switchboard number (not a number they left you to ring, it could be any number) - this way you can guarantee that you will be talking to someone at your bank. Check that they actually rang you - they will have the details on you account.

Ermmm perhaps i should have been a bit clearer. They may welll ask for securityinfo so that you can proove who you are, joe bloggs etc, DOB, post code mom's maiden name, but they will/should NEVER be asking for the 3 digit security code or your pin number for your card.
The second someone asks for these you should tell them to get lost and then phone your bank.

KS

Internet fraud is over £100m a year in the uk alone.

This is primarily keystroke logger / screen grab style spyware and good old fashioned phishing attacks.

Which is a very good reason to get something better than that heap of s*it, Norton, everyone seems to end up with.

Actually Norton is a very good product and does a pretty good job, true not the best out there but defo towards the top of the rankings for effective protection as is detailed in many independent "in-the trade" reviews prove.

xswind wrote:Actually Norton is a very good product and does a pretty good job, true not the best out there but defo towards the top of the rankings for effective protection as is detailed in many independent "in-the trade" reviews prove.

ummm..... you don't work in IT do you?

Or do you work for symantec?

Norton is fleshing terrible.

Seriously. Scroogle it, and listen to just about every person who can find a hard drive with two hands and a flash light simultaneously screaming in terror, then being silenced.

Actualy norton 360 is supposed to be a lot lighter and more efficient,and gets ok mag ratings, but its the last thing I would install on my pc.

Stone Fox wrote:

xswind wrote:Actually Norton is a very good product and does a pretty good job, true not the best out there but defo towards the top of the rankings for effective protection as is detailed in many independent "in-the trade" reviews prove.

ummm..... you don't work in IT do you?

*awaits xswinds response with baited breath*


KS

lol very loudly.

It works fine on my machine and 10 thousand PC's in the business which I work and millions of other machines around the world.

if it was that rubbish it would not be alive still.

How did we move from scammers to Norton bashing anyway?

Stone Fox wrote:

xswind wrote:Actually Norton is a very good product and does a pretty good job, true not the best out there but defo towards the top of the rankings for effective protection as is detailed in many independent "in-the trade" reviews prove.

ummm..... you don't work in IT do you?

Or do you work for symantec?

Norton is fleshing terrible.

Seriously. Scroogle it, and listen to just about every person who can find a hard drive with two hands and a flash light simultaneously screaming in terror, then being silenced.

Hmmm perhaps you work for McAfee???

KS

I'm not keen on McAfee either. They're both ineffective, bloated and badly written shite by huge companies that spend more on their marketing than they're product.

They're between them responsible for a HUGE percentage of all connection problems and / or support calls. I feel sorry for the millions of people (and XSwind is right, they number in their MILLIONS) who have to use it because of company policy.

Stone Fox wrote:I'm not keen on McAfee either. They're both ineffective, bloated and badly written shite by huge companies that spend more on their marketing than they're product.

They're between them responsible for a HUGE percentage of all connection problems and / or support calls. I feel sorry for the millions of people (and XSwind is right, they number in their MILLIONS) who have to use it because of company policy.

lol, The uniformed always make me laugh.

Firewalls and antivirus programs by thier very nature have to restrict in order to be effective, if they did not the doors would be wide open.
So this is bound to annoy and cause problems especially to the common non techy user.

Sorry but fact of live.

Can you tell what I do for a living?

xswind wrote:lol, The uniformed always make me laugh.

So you make yourself laugh?

Nearly 50% of all the connection related complaints to the DSG group, (including tech guys) are related to Norton or mcAfee funtioning improperly.

You can say what you want, ask any REAL IT proffessional, or check any of the IT boards and they'll tell you not to touch symantec.

xswind wrote:Firewalls and antivirus programs by thier very nature have to restrict in order to be effective, if they did not the doors would be wide open.

Ok, I couldn't find a "computer security for dummies" link so this'll do for a start:

http://en.wikipedia.org/wiki/Anti_virus

How is that restrictive by it's very nature? And firewalls aren't supposed to restrict the user by definition! The whole nature of ports and port forwarding is to ALLOW the users data to flow UNRESTRICED while blocking unauthorised intrusions such as remote script injection!

It's not supposed to malfuntion and block all communication to and from the computer.

It's not supposed to prevent you deleting it when you get sick of it or discover something better. This is also borderline illegal.

http://www.theregister.co.uk/2007/08/09 ... rity_bugs/

The story itself is stupid, it's more of an "update your product" thing, but read the comments. They're a good start as to the general feeling in the IT industry about Norton.

xswind wrote:Can you tell what I do for a living?

I'm hoping you're a lumberjack because you clearly don't belong near a computer.

I'll write a proper reply later, as I'm at work and half way through re-building a PC.

*edit* ok, maybe th lumberjack thing was a little harsh, but if you DO work in IT I'm guessing it's in an obscure and/or niche area like virtualisation or java development.

Oh, and that wiki link about anti-virus?

Notice the only two companies named in the "issues of concern" section are Symantec (norton) and McAfee.

Quote "DSG group, (including tech guys)"

oh so maybe you are one of those PCworld experts, the geeks in the glass office messing around with customer PC's and steeling all the MP3's found on them.

If so you have certainly reached the heights of your career apart from a possible move to Group 4 and we all know what their security is like.

So what is your "EXPERT" advice to all on here?
How should we, the forum massive protect ourselves if firewalls and Antivirus programs are sh1t?

I know!
Lets disconnect our PCs from the internet forever?
Great way forward eh and pretty secure and no need for a firewall.
That will fix it, I will never receive another scam email again!

But how would we get to the forum with out the internet and how would you launch personal attacks against people you have no idea of their expertise.

Your comments about firewalls are so misguided and shows absolutely no knowledge of the subject at all. So please stop being so personal.

For your further career development, try looking up the words “egress” and “ingress” on Wiki and see what they mean.