Fraudsters target Apple Pay in credit card scams



  • Reply 21 of 22
    XedXed Posts: 1,476member
    maximara said:
    lkrupp said:
    As always the weakest link in security is between the ears of the idiots who gladly hand over their credentials to anyone who calls them with an offer too good to be true. And there’s no patch for stupid.
    These automated scams are getting really sophisticated though. Here is one that ALMOST got me.

    Caller ID displayed the name and phone number of my actual bank (which I googled).

    Automated message in perfect English:
    "We recently got a purchase request which we blocked the transaction. If you made this purchase, please press 1. If you didn't make this purchase press 2."

    Then when you hit a number (which I selected #2):
    "Thank you, please enter you ATM card number for verification"

    It keep repeating the message to enter the card number. This is where I was like wait a minute and hung up. The automated call kept calling back every minute for the next hour.

     I called my bank to make sure there weren't any transactions attempts and they said no, so I notified them of the scam.

    A week later, I get another call from a different bank (which I don't have) called me and had the same message (I let it go to voice mail).
    The "please enter you ATM card number for verification" was the tip off.  No bank will request that information. That should send up a red flag faster than a 35 car pile up at the Indianapolis 500.  In fact, as demonstrated by an experience my parents had banks will just freeze your card until you contact them if they detect strange activity on the account.  My late mother went through law school and I seek out and read laws to make sure I am well informed.

    Had some clown trying to claim they were the IRS and I asked them 'what provision of 5.1.10 Taxpayer Contacts' are you using?  They hung up right then and there.

    Another tried to claim they were the local police (even spoofed their number) and claimed they were going to arrest me unless I paid them.  I pointed out that no real cop would call regarding a possible crime for fear any evidence would be destroyed and that I was invoking the federal False Claims Act which gave me the authority to sue on behalf of the federal government and would be hitting them with extortion charges and posing as a police officer.  They hung up.  

    Related to credit cards.  My mother was in surgery in Houston when it got flooded (result of Allison IIRC) and we were stuck there for a month.  My father's credit card was near maxed out so I used mine at a parking garage.  Six months later a charge for prepaid phone cards appeared on my credit card statement from Houston.  I called the bank and had the charge expunged but it shows why these 1 year of protection for errors by the company that let your CC number out in the wild are useless.  The smarter thieves will wait a while before starting to charge stuff and the real smart ones will wait longer than a year.
    Lots of financial institutions have you input a card number or SSN as a part of your account verification when you call in which is why scammers will repeat the same statements when requesting info. The pertinent info is they called you. Always call them back with your saved number or what is one your card to restart the conversation on your own terms.

    PS: USAA is one bank that will send you a one-time passcode via email which clearly says to not sure with anyone and that their CSRs will never ask for, and yet as part of the verification their CSRs are initiating the passcode being sent via email. 🤦‍♂️ It’s an easy solution to have their system generate a different email for CSRs specifically trying to verify that you are the account holder, but it’s been this way for many years despite me pointing it to them.
  • Reply 22 of 22
    mcdavemcdave Posts: 1,919member
    I’m terrified by the number of apps requesting credit card details & having no Apple Pay option. It should be mandatory, as should an App Store payment option for all services (i.e. Netflix) not having this is a serious security issue.
Sign In or Register to comment.