Post AZDRA8EdEEiflUnwtE by BjornToftMadsen@social.coop
(DIR) Post #AZDR9zCsnMyNlSuvPk by BjornToftMadsen@social.coop
2023-08-29T06:35:27Z
0 likes, 8 repeats
I was the victim of an extremely clever card fraud/social engineering hack. Well, partly a victim since I managed to stop it. I was called by my bank, as they wanted to “verify some suspect transactions on my account”. Then things got weird…🧵
(DIR) Post #AZDRA11G3YrXNzUfZY by BjornToftMadsen@social.coop
2023-08-29T06:38:45Z
0 likes, 0 repeats
I was informed that there had been a charge for £2900 on a travel booking site. As this conversation with my bank’s counter-fraud team was happening, I logged into my bank account and could see the fraudulent charge. “Was this you?” No, it definitely wasn’t me. Phew, well done for catching it. “Also, sir, there is another transaction occurring right now that seems odd - for £5900 at Marbella Boat Hire. Is this you?”
(DIR) Post #AZDRA2s7AWjl8DEObA by BjornToftMadsen@social.coop
2023-08-29T06:40:32Z
0 likes, 0 repeats
Nope, that wasn’t me either. At this point, my pulse was obviously raised and I was worried what else was going on. “Ok, sir, we are going to send you a verification code, which we need you to read back to cancel the transaction”. Ok, bit odd, but yeah, let’s go and get these cancelled.
(DIR) Post #AZDRA4cwdtn6Zk9JEO by BjornToftMadsen@social.coop
2023-08-29T06:41:21Z
0 likes, 0 repeats
Then a text/SMS message arrives with a six digit code. I put the call on speaker so I can read it out. And I notice something odd…
(DIR) Post #AZDRA6N49uHHz4jel6 by BjornToftMadsen@social.coop
2023-08-29T06:45:40Z
0 likes, 0 repeats
The full text of the message says: “Do not share this message with anyone. To approve the purchase from Marbella Boat Hire for £5900, use code 638267”. Hold on, I say, this says “to approve the purchase”! “Ah, right, sir, we’ve had a few problems with our messaging system, so I’m not 100% sure what the message actually says. We just need the code so we can get the purchase blocked. You can ignore the start of the message”. My spider-sense is tingling, so I challenge…
(DIR) Post #AZDRA8EdEEiflUnwtE by BjornToftMadsen@social.coop
2023-08-29T06:48:34Z
0 likes, 0 repeats
I can’t share this code, I say. “No, sir, that’s very smart. I’m so sorry about our messaging system being odd. Let me send you a notification inside your banking app instead”. The notification arrives and I open my banking app, thinking a hitherto red warning label is about to show me a button to cancel a transaction inside the app. But again it just says “to approve this transaction”. Now I’m starting to worry …
(DIR) Post #AZDRAA3MT6tPP7XybI by BjornToftMadsen@social.coop
2023-08-29T06:50:01Z
0 likes, 0 repeats
So finally I say, look, I need to call my bank directly. This all seems a bit odd. And then, naturally (in retrospect), the guy hangs up. I call my bank. They verify that it wasn’t them.
(DIR) Post #AZDRABsRgfLj3qSHrc by BjornToftMadsen@social.coop
2023-08-29T06:51:18Z
0 likes, 0 repeats
So, very cleverly, the fraudster has used their first fraudulent transaction to socially verify that they knew something only a bank could know - about transactions on my card. They used that transaction - that they themselves had done - to get me to read a 3D secure code to approve the next transaction that they also wanted to do.
(DIR) Post #AZDRADqkLxB9B9fxUe by BjornToftMadsen@social.coop
2023-08-29T06:53:10Z
1 likes, 0 repeats
They were able to do this because the first transaction had happened on a site that didn’t use 3D secure. I’m surprised this is still possible. In the end, my bank refunded the first transaction. So I haven’t lost anything. But it shows the clever tricks fraudsters will try to pull and how easy it is to be fooled by the “boiler room” trick. “IT’S HAPPENING RIGHT NOW - DO SOMETHING QUICK!” End 🧵
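Added illustration, not part of the thread or of any bank's code: a toy model of the issuer side of the step-up described above. It shows that a correct code can do exactly one thing, approve the purchase it was bound to (there is no "cancel" use for it), and adds a risk flag for the pattern in the thread, a challenge answered within minutes of a disputed charge on the same card. The class and function names, the HMAC construction, the 15-minute window, amounts and timestamps are all constructed; real 3-D Secure issuers implement this differently.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

@dataclass
class Challenge:
    merchant: str
    amount_gbp: int
    nonce: bytes
    code: str

@dataclass
class Card:
    key: bytes = field(default_factory=lambda: secrets.token_bytes(32))
    disputed_at: list = field(default_factory=list)  # unix times of disputed charges
    pending: dict = field(default_factory=dict)      # nonce -> open Challenge

def issue_challenge(card, merchant, amount_gbp):
    """Derive a 6-digit code bound to this merchant and amount (toy construction)."""
    nonce = secrets.token_bytes(8)
    msg = nonce + f"{merchant}|{amount_gbp}".encode()
    mac = hmac.new(card.key, msg, hashlib.sha256).digest()
    code = f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"
    ch = Challenge(merchant, amount_gbp, nonce, code)
    card.pending[nonce] = ch
    return ch

def message_text(ch):
    """The customer-facing text states the only thing the code can do: approve."""
    return (f"Do not share this code with anyone. To approve the purchase from "
            f"{ch.merchant} for £{ch.amount_gbp}, use code {ch.code}")

def submit_code(card, ch, code, now, window_s=900):
    """Return (approved, flags). A correct code approves; there is no cancel path.
    Flags mark the thread's pattern: a step-up answered minutes after a dispute."""
    if ch.nonce not in card.pending:
        return False, ["replayed_or_expired"]
    if not hmac.compare_digest(code, ch.code):
        return False, ["bad_code"]
    flags = []
    if any(0 <= now - t < window_s for t in card.disputed_at):
        flags.append("otp_after_recent_dispute")
    if ch.amount_gbp >= 5000:
        flags.append("high_value")
    del card.pending[ch.nonce]
    return True, flags
```

Whoever holds the code, the only outcome of submitting it is approval of the bound purchase; the flag is where an issuer could hold or step up the transaction instead of approving it outright.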
(DIR) Post #AZDRqACyHZpa304Q6a by smallsees@social.dropbear.xyz
2023-08-29T07:29:11Z
0 likes, 0 repeats
@BjornToftMadsen I've not heard of that flavour of scam before, thanks for posting it.
(DIR) Post #AZDn8sNUtgI5Hsl2rQ by robinwhittleton@mastodon.social
2023-08-29T07:14:17Z
0 likes, 1 repeats
@BjornToftMadsen when I’ve had calls from my bank I always ask for a name, then tell them I’m going to ring them back from the support number on their website. General confusion from the bank, but so far it’s worked every time. Luckily I’ve not yet had a fraudulent call.
(DIR) Post #AZDnX60jrUY2WFf4uu by revk@toot.me.uk
2023-08-29T07:31:13Z
0 likes, 0 repeats
@BjornToftMadsen I was pondering how they make money from the boat hire charge though. I am sure there is a way. Or does the boat hire have to be complicit. Given how card charges can be disputed and clawed back how do they actually extract the money? Curious.
(DIR) Post #AZDnX6ihE3i4iaEBQu by BjornToftMadsen@social.coop
2023-08-29T07:32:35Z
0 likes, 0 repeats
@revk I think it’s simpler than that, in this case. I don’t think this was industrial-scale fraud. I think someone has bought a list with my details and was using one to try and book themselves a holiday. It would be extremely easy to investigate for the police, but we all know (including the fraudster) that it won’t happen.
(DIR) Post #AZDnX7RiWfiqyDI8bg by revk@toot.me.uk
2023-08-29T07:35:36Z
0 likes, 0 repeats
@BjornToftMadsen wow, I would have assumed it was risky, by end of holiday police could be waiting. But as you say, is it really a risk these days?!
(DIR) Post #AZDnX8686Q34zYCPb6 by BjornToftMadsen@social.coop
2023-08-29T10:21:00Z
0 likes, 0 repeats
@revk I think it’s just seen as “part of doing business” by the banks. Doubt they even report it to the police.
(DIR) Post #AZDnX8vB2csjXs5BAG by mansr@society.oftrolls.com
2023-08-29T11:32:26Z
0 likes, 0 repeats
@BjornToftMadsen @revk A while back, a workmate's wife's purse was stolen. The thief used one of her cards to pay his council tax.
(DIR) Post #AZDp2bZwdwBZM9iY7M by revk@toot.me.uk
2023-08-29T11:49:24Z
0 likes, 0 repeats
@mansr @BjornToftMadsen Surely nobody would be so stupid as to do something so very traceable (and reversible)????
(DIR) Post #AZDpk2TKWw1nDUKnBo by mansr@society.oftrolls.com
2023-08-29T11:57:17Z
0 likes, 0 repeats
@revk @BjornToftMadsen Purse thieves aren't exactly known for their high intelligence.
(DIR) Post #AZEoh3bzvkKL5RMZ3Q by fenarinarsa@shelter.moe
2023-08-29T22:33:00Z
0 likes, 0 repeats
@BjornToftMadsen Yeah it's a pretty common fraud nowadays. There's a variation on this one where they tell you to go to a DAB, make a manipulation, send you a verification text message, while someone else is actually withdrawing money from your account on another DAB and they need you to validate the operation from your phone because they're doing it from a suspicious location. Banks say that they NEVER call to ask you to do anything or ask for verification codes. Because they don't need it in the first place.
(DIR) Post #AZEoh4UwdSHNpr4RhQ by duponin@udongein.xyz
2023-08-29T23:19:58Z
0 likes, 0 repeats
@fenarinarsa @BjornToftMadsen what a story
btw, don't you mean ATM instead of DAB? :thinking_cirno: