credit card fraud has been rapidly outpacing all other forms of bank fraud in recent months, with many older people, in particular, being sweet-talked by fraudsters posing as bank officials into revealing their one-time-password (OTP) over the phone.
How it works
They get your bank account number from the dark web – very easy to do, apparently.
Log in details are a bit harder for them to get, but thanks to malware, or “malicious software” – computer programs which infiltrate computers without the user’s consent – they can get them by recording your key strokes.
What they still need though, in order to use your credit card details to buy stuff online, is the OTP which your bank sends to you via your cell phone or email.
And they need to get that from you. So they phone you and pretend to be from your bank’s fraud department – complete with call centre sounds in the background, and scare you by saying they believe fraudulent transactions are about to go off on the account or have just gone off.
Then they say: “To reverse them, I need to authenticate you, you must accept a pop-up on your phone… just read those numbers…”
What they are referring to is that OTP sent by your bank. But by calling that number something else, and stressing you out about losing a lot of money, there’s a good chance you’ll read out the number without realising what you’re doing.
Especially if you are older and not too tech savvy.
What to do
Very important – have your bank’s fraud hotline number saved in your cell phone. If you get a call from someone claiming to be from your bank’s fraud department, end the call and phone the number that you’ve saved yourself for your bank’s fraud department.
Then ask if your account has been red flagged for some reason.
Never share personal and confidential information with strangers over the phone.
Banks will never ask you to confirm your confidential information over the phone.
If you receive an OTP on your phone without having transacted yourself, it is likely that it is a fraudster who has used your personal information. Do not provide the OTP telephonically to anybody, no matter what other names they call it.
Contact your bank immediately to alert them to the possibility that your information may have been compromised.
Article courtesy of East Coast Radio