I just recieved the following email regarding a new credit card scam.
FYI... This one is pretty slick since they provide YOU with all the information, except the one piece they want.

WARNING..New Credit Card Scam. Note, the callers do not ask for your card number; they already have it.

This information is worth reading. By understanding how the VISA & MasterCard Telephone Credit Card Scam works, you'll be better prepared to protect yourself.

One of our employees was called on Wednesday from"VISA", and I was called on Thursday from "MasterCard".

The scam works like this: Person calling says, "This is (name), and I'm calling from the Security and Fraud Department at VISA. My Badge number is 12460 your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card, which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497-99 from a Marketing company based in Sydney?" When you say "No", the caller continues with, "Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards.
Before your next statement, the credit will be sent to(gives you your address), is that correct?" You say "yes". The caller continues - "I will be starting a Fraud investigation. If you have any questions, you should call the 1-800 number listed on the back of your card (1-800-VISA) and ask for Security.
You will need to refer to this Control Number. The caller then gives you a 6-digit number. "Do you need me to read it again?"

Here's the IMPORTANT part on how the scam works. The caller then says, "I need to verify you are in possession of your card". He'll ask you to "turn your card over and look for some numbers".
There are 7 numbers; the first 4 are part of your card number; the next 3 are the security numbers that verify you are the possessor of the card. These are the numbers you
sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him After you tell the caller the 3 numbers, he'll say, "That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card.

Do you have any other questions?" After you say No, the caller then thanks you and states, "Don't; hesitate to call back if you do", and hangs up.

You actually say very little, and they never ask for or tell you the Card number but after we were called on Wednesday, we called back within 20 minutes to ask a question. Are we glad we did!
The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of $497.99 was charged to our card. I checked this out on snopes.com.

Long story made short - we made a real fraud report and closed the VISA account. VISA is reissuing us a new number.

What the scammers want is the 3-digit PIN number on the back of the card.

Don't give it to them. Instead, tell them you'll call VISA or Master card directly for verification of their conversation. The real VISA told us that they would never ask for anything on the card, as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you're receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually file a fraud report.

What makes this more remarkable is that on Thursday, I got a call from a "Jason Richardson of MasterCard" with a word-for-word repeat of the VISA scam.
This time I didn't let him finish. I hung up! We filed a police report, as instructed by VISA. The police said they are takingseveral of these reports daily!
They also urged us to tell Everybody we know that this scam is happening.

Please pass this on to all your family and friends. By informing each other, we protect each other.

Thanks for the info Tony - it would be an easy one to fall for if you weren't paying attention.

That scam alert made our its way into my inbox last week courtesy of our GM IT.

Obviously serious.

It's a good warning.

Difficult to guard against, what with the habit banks and credit card companies seem to have of calling you up and then asking for identifying information before deigning to tell you what they want.

Best rule of thumb if any financial institution calls and asks for information is to ask for their reference number, hang up, and call back on their 0800 number. I do it every time.

The only person, in fact, that I don't do that to is my personal banking lady at the National Bank. I know her voice. Also, she's kinda cute...

Edit: Also, make sure you dispose of paper financial records securely. Use a shredder, or burn them.

Yeah it would be easy to be tripped up by this one. The interesting part is that the scammer has already got your card number, your name and your phone number- how did they get that info?

the scammer has already got your card number, your name and your phone number- how did they get that info?

Because you cocked up, either by failing to properly dispose of paper records (statements and other mail) or by not observing strict internet data hygiene.

Sometimes, though, it's not your fault - companies that hold onto that information, such as pretty much anyone you've ever ordered anything from over the phone or the internet, can lose control of it in much the same way, giving scammers a juicy list of precooked targets.

scary part is they have all the rest of the information :shutup:

This one is pretty slick since they provide YOU with all the information, except the one piece they want.

Note, the callers do not ask for your card number; they already have it. This information is worth reading. By understanding how the VISA & MasterCard Telephone Credit Card Scam works, you'll be better prepared to protect yourself.

One of our employees was called on Wednesday from 'VISA', and I was called on Thursday from 'Master Card'. The scam works like this: Caller: 'This is (name), and I'm calling from the Security and Fraud Department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in Arizona?'

When you say 'No', the caller continues with, 'Then w e will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the e $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?'

You say 'yes'. The caller continues - 'I will be starting a Fraud investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security.

You will need to refer to this Control Number. The caller then gives you a 6 digit number. 'Do you need me to read it again?'
Here's the IMPORTANT part on how the scam works. The caller then says, 'I need to verify you are in possession of your card'. He'll ask you to 'turn your card over and look for some numbers'. ; There are 7 numbers; the first 4 are part of your card number, the next 3 are the security Numbers' that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him. After you tell the caller the 3 numbers, he'll say, 'That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?' After you say No, the caller then thanks you and states, 'Don't hesitate to call back if you do', and hangs up.

You actually say very little, and they never ask for or tell you the Card number. But after we were called on Wednesday, we called back within 20 minutes to ask a question. Are we glad we did! The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of $497.99 was charged to our card.

Long story - short - we made a real fraud report and closed the VISA account. VISA is reissuing us a new number. What the scammers want is the 3-digit PIN number on the back of the card. Don't give it to them.. Instead, tell them you'll call VISA or Master card directly for verification of their conversation. The real VISA told us that they will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you’re receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually y file a fraud report.

What makes this more remarkable is that on Thursday, I got a call from a 'Jason Richardson of Master Card' with a word-for-word repeat of the V ISA scam. This time I didn't let him finish. I hung up! We filed a police report, as instructed by VISA. The police said they are taking several of these reports daily! They also urged us to tell everybody we know that this scam is happening.

Please pass this on to all your family and friends. By informing each other, we protect each other.

Noted. Thanks.

The warning message has now been circulating in several countries for a number of years. In spite of this, at the time of writing, I can still find no reliable reports that described actual occurrences of this particular scam. Moreover, it should be noted that there are now several versions of the message, each with different details. Thus, the specific incidents described in these messages may well be anecdotal. As is common with email warnings of this nature, there is no way of confirming if the specific events outlined in the messages actually occurred or were simply made up as a way of embellishing the scam warning to emphasize its key points.

To me, it's just another hoax chain-letter email.

To me, it's just another hoax chain-letter email.

Actually it is happening all the time.

Friends in a large NZ banks call centre have confirmed they have been taking calls from customers about it...+ I think it is better to be safe than sorry...most people wouldn't get sucked in but there are still a very surprising number of people that DO.

Aside from reminding people not to divulge information to unknown callers, the advice seems a little iffy.

If the scammer already had your credit card number and expiry date then they could easily process a "card not present" transaction. They do not need the three digit CCV number to process a payment.

The CCV number is used by merchants to add an extra level of protection to online payments (since only the card holder has the CCV). The CCV doesn't actually enable any additional payment functionality.

As an aside, the CCV isn't really that much of help. When a card leaves your possession (say at a restaurant) a dishonest staff member can easily copy off all the details - including the CCV.

Surely the obvious thing is; banks will never ask for card numbers - they already have them.

Aside from reminding people not to divulge information to unknown callers, the advice seems a little iffy.

If the scammer already had your credit card number and expiry date then they could easily process a "card not present" transaction. They do not need the three digit CCV number to process a payment.

The CCV number is used by merchants to add an extra level of protection to online payments (since only the card holder has the CCV). The CCV doesn't actually enable any additional payment functionality.

As an aside, the CCV isn't really that much of help. When a card leaves your possession (say at a restaurant) a dishonest staff member can easily copy off all the details - including the CCV.

Surely the obvious thing is; banks will never ask for card numbers - they already have them.

Used to work in a call centre for bank myself and people were forever giving me their pin numbers and stuff - EVEN when told not to!

Some people are really quite clueless when it comes to this stuff...

I appreciate being made aware of any scams that are (potentially) out there, you never know when this information will come in handy.

Thanks for the bump.

Best rule of thumb if any financial institution calls and asks for information is to ask for their reference number, hang up, and call back on their 0800 number. I do it every time.Look up that 0800 number in the phone book.


The interesting part is that the scammer has already got your card number, your name and your phone number- how did they get that info?They bought it from a botnet operator. The botnet operator installed a virus on your PC and a plug-in in your browser to collect this, and other information. This is what viruses are for.
http://www.shadowserver.org/wiki/

Or if you want all the gory details, skip across the technical stuff and read below. Be prepared to be shocked.
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20080507


To me, it's just another hoax chain-letter email.No no, it's very real.

I hid myself in a botnet chatroom once, and watched page after page or credit card details, newly compromised *nix webservers, new virus installs, criminal business being done.. I was a strange, surreal, and sickening feeling.

And people, please ditch internet explorer right now and use Firefox. http://www.mozilla.com/en-US/firefox/

DB

While this particular issue is quite real, why the hell do they need to write an essay on the fucking thing? Surely bullet points would make it into the minds of the intended recipients!

http://www.shadowserver.org/wiki/[/url]
Thats some interesting reading. Mind due in saying that its also quite easy to crash an SQL database. as i managed to do at work more than once.
Seems SQL has not problem completely overwriting whole sections of a database.
Certainly F'ed up our Goldmine, thanks mySQL :P

Thats some interesting reading. Mind due in saying that its also quite easy to crash an SQL database. as i managed to do at work more than once. Seems SQL has not problem completely overwriting whole sections of a database.Isn't it fascinating. If you discover virus activity, /j #shadowserver and tell them about it, and they will involve you in the process. Read up on sandboxing and stuff and you can have a play. Awesome.

I have only had problems with MySQL once, and I asked it to fix itself, and it did. End of problem.

DB

Crikey - technical PC talk....

WOOOSH!

Bump.

I wa sjust gonna post this but I see it already has.

Can't wait for the call. When asked whether I purchased whatever I am not supposed to, I will say, "yes I did". It will probably confuse the hell out of them :-)))))

I've only struck something like this once way way back. I let the speil continue then asked for their phone number so I could call them back. They hung up immedialtly.


Skyryder

Can't wait for the call. When asked whether I purchased whatever I am not supposed to, I will say, "yes I did". It will probably confuse the hell out of them :-))))) LOVE IT!!! :lol:

Thanks for the warning, easy one to fall for.