miscellany: social engineering attempt to report.
So two nights ago, someone tried to get my credit card number.
Uncharacteristically, I answered the phone. This person claimed that a charge for $780 was made against my charge card, and that it would need to be verified. "My" card, of course, was not charged a dime; the person at the other end of the phone didn't know my name, much less the names of any banks I use. This supposed bank representative didn't ask for any particular person by name. Red flags, anyone?
It is highly improbable that an unidentified representative of an unnamed credit card company would call an unknown card holder to "verify a fraudulent charge". If I had gone along with the call, I would no doubt have been asked to provide my name, account number, bank name, phone number, date of birth, Social Security number, blood type, and the contents of my last bowel movement.
Instead of providing any personal data, I asked about the "NYS Alcohol" phone number on my caller ID box. I probably should have asked if they were using a caller ID spoofing service, or if they were doing some funky PBX stuff; I didn't get a chance, since the caller disconnected.
Tried calling the number back during regular business hours: of course, it doesn't take incoming calls. Reverse lookup says it's a private land line with Verizon. Google pops up an address to go with the number. Combing through New York City substance abuse centers eventually gets to a working phone number.
The receptionist verified that the number on my caller ID matches a pay phone in the treatment center; she then passed my call on to the program director. Not really sure who else should get a report on this one. Verizon, maybe? They'd be able to check if the call was actually made from the listed ID.
Uncharacteristically, I answered the phone. This person claimed that a charge for $780 was made against my charge card, and that it would need to be verified. "My" card, of course, was not charged a dime; the person at the other end of the phone didn't know my name, much less the names of any banks I use. This supposed bank representative didn't ask for any particular person by name. Red flags, anyone?
It is highly improbable that an unidentified representative of an unnamed credit card company would call an unknown card holder to "verify a fraudulent charge". If I had gone along with the call, I would no doubt have been asked to provide my name, account number, bank name, phone number, date of birth, Social Security number, blood type, and the contents of my last bowel movement.
Instead of providing any personal data, I asked about the "NYS Alcohol" phone number on my caller ID box. I probably should have asked if they were using a caller ID spoofing service, or if they were doing some funky PBX stuff; I didn't get a chance, since the caller disconnected.
Tried calling the number back during regular business hours: of course, it doesn't take incoming calls. Reverse lookup says it's a private land line with Verizon. Google pops up an address to go with the number. Combing through New York City substance abuse centers eventually gets to a working phone number.
The receptionist verified that the number on my caller ID matches a pay phone in the treatment center; she then passed my call on to the program director. Not really sure who else should get a report on this one. Verizon, maybe? They'd be able to check if the call was actually made from the listed ID.
posted by elegiac at 6:44 AM
0 Comments:
Post a Comment
<< Home