Pretty good Credit Card Scam

[Holdmybeer]

Received a text and an email from Mastercard Security with the last four of my CC# and a list of several recent transactions and then one that had reportedly been declined. The phony declined transaction among the legitimate transactions is intended to set off alarms. It's a sophisticated phishing scam. When you call the security and fraud # in the msg they ask for your full CC#, expiration date, and 3 digit security#. Once you give them that they're in. Of course were they actually Mastercard agents they'd already have that information. The entire msg looks however in every way legitimate, the ph. # of course is not the one you can easily find by looking online for Mastercard Customer Service.

 

[Rosy]

Received a text and an email from Mastercard Security with the last four of my CC# and a list of several recent transactions and then one that had reportedly been declined. The phony declined transaction among the legitimate transactions is intended to set off alarms. It's a sophisticated phishing scam. When you call the security and fraud # in the msg they ask for your full CC#, expiration date, and 3 digit security#. Once you give them that they're in. Of course were they actually Mastercard agents they'd already have that information. The entire msg looks however in every way legitimate, the ph. # of course is not the one you can easily find by looking online for Mastercard Customer Service.

Always go to the official MasterCard website and call the number there, rather than the one in the message.

If someone calls you, hang up and phone MasterCard.

 

[golfnutjetsfan]

thanks for the info

 

[Trav_lr]

Always go to the official MasterCard website and call the number there, rather than the one in the message.

If someone calls you, hang up and phone MasterCard.

Actually, always use the phone number on your credit card. Websites are easily spoofed much like the phising emails and recent text messages for unpaid tolls!

 

[CaptainGizmo]

I actually prefer to go through my app only. That way, I can either enter through a chat, text, or voice call AFTER going through the proper 2FA.

 

[lostinfla]

I never ever click on links in texts or emails unless I'm absolutely sure of where the message came from. As mentioned, if there's an "issue" reported by text or email, contact the company through their app or posted phone number.

 

[Underboss]

Never, ever click on any email or text. Go to the actual site and determine if there is an issue. They rely on folks clicking the link

 

[Crazydog]

I got a call from a person from my bank telling me there had been a charge from TX and asked if I had the card in my possession? I asked the person how do I know if you're really from the bank.
They told me to hang up and call the number on the back of my card. Turned out my card really had been skimmed somehow.
I would never use ANY link from a text or email or phone # EVER.

 

[CaptainGizmo]

As long as we’re on this topic of credit card scams, and the mention of “swipe stealing” came up…my theory of…now false…protection by “Tap to Pay” was just shot down. I saw something where they’re putting an overlay on top of the “Tap” sensor so they can now steal your card that way.

I haven’t dug into this at all…so I can verify it. But, just as usual, nothing is secure so long as these devil-inspired lowlifes walk this earth.

 

[MemoriesByTheMile]

“Tap to pay” has always made me suspicious.
“If the store can grab my credit card info without physically needing to swipe the card, then what protects me from a bad actor brushing past me on the sidewalk or in a crowded store and taking my credit card info while my card is still in my wallet?”
Yes, I know the NFC typical range is only a few centimeters, but if pickpockets can quickly take a wallet/keys/watch through a quick brush and distraction how much easier would it be to electronically “lift” data in that type of close encounter? I now keep my cards in a rfid protective envelope in my wallet.

 

[CaptainGizmo]

“Tap to pay” has always made me suspicious.
“If the store can grab my credit card info without physically needing to swipe the card, then what protects me from a bad actor brushing past me on the sidewalk or in a crowded store and taking my credit card info while my card is still in my wallet?”
Yes, I know the NFC typical range is only a few centimeters, but if pickpockets can quickly take a wallet/keys/watch through a quick brush and distraction how much easier would it be to electronically “lift” data in that type of close encounter? I now keep my cards in a rfid protective envelope in my wallet.

Right...RFID theft has been known for a LONG time. It's made the RFID wallet folks a lot of money. ha.

HOWEVER, with an iPhone's TAP TO PAY function...I'm still not certain that process is "interceptable"; certain not as your phone is passive...aka not actively in the process of.

Years ago, I read an exhaustive report from a credit card expert, who basically said if you carry cards...you're a fool to consider them safe. Too many holes.

Then, he addressed the pundits opinions of using an "iPhone" to pay using their Tap To Pay system. He refuted the arguments from the naive, who said "no way would I store my credit cards in my phone...how dumb", with the actual technical facts. NO actual numbers are being stored, NOR PASSED during that transaction! Intead, it's a series of authentication and authorization codes that travel back to the registered server; aka Apple. And, of course, he drilled down upon that as well.

Bottom line, for me anyways, I use contactless Tapping to pay as much as possible...until proven wrong. (holding breath).

 

[MemoriesByTheMile]

Right...RFID theft has been known for a LONG time. It's made the RFID wallet folks a lot of money. ha.

HOWEVER, with an iPhone's TAP TO PAY function...I'm still not certain that process is "interceptable"; certain not as your phone is passive...aka not actively in the process of.

Years ago, I read an exhaustive report from a credit card expert, who basically said if you carry cards...you're a fool to consider them safe. Too many holes.

Then, he addressed the pundits opinions of using an "iPhone" to pay using their Tap To Pay system. He refuted the arguments from the naive, who said "no way would I store my credit cards in my phone...how dumb", with the actual technical facts. NO actual numbers are being stored, NOR PASSED during that transaction! Intead, it's a series of authentication and authorization codes that travel back to the registered server; aka Apple. And, of course, he drilled down upon that as well.

Bottom line, for me anyways, I use contactless Tapping to pay as much as possible...until proven wrong. (holding breath).

Agree about Apply Pay. To complete the transaction requires the biometric authentication, not just being passively near the reader. There is the option of using the watch, but I don’t use the watch for this very reason, I want to actively provide biometric authentication.
The authentication process of Apple Pay seems much more robust than a typical credit card swipe where the cc digits are being passed along.

 

[CaptainGizmo]

The authentication process of Apple Pay seems much more robust than a typical credit card swipe where the cc digits are being passed along.

In so much that your iPhone can be stolen and/or hacked, and there is NO information of value stored in the Apple Wallet. Hence the other obvious admonition for people to stop doing the crazy risky practice of storing vital info in non-secure apps like Contacts, Notes, etc.