Beware of Phone Scams: 3-Digit Security Code Ruse, Computer Tech Support

| 2 Comments | No TrackBacks
Criminals use the phone to commit many different types of fraud. They often use publicly available data, phone directories or data they obtained in a data breach --so they might know your name and other personal information when they call you. They might pretend to be representing your bank, utility company, cell-phone provider, lottery officials, law enforcement agency ---or even posing as fraud prevention specialists with your credit card company or a technician with Microsoft who detected a computer virus.

Here are two blogs about the latest telemarketing scams written by my fellow fraud-fighters from Fraud and Scam Victims --republished with their permission. 

Beware the 3-Digit Security Code Ruse

This post is written by Jodi Pratt, Director of Business Development, Co-Founder of the Foundation for Payments Fraud Abatement & Activism, Inc. and Re-posted with permission. 

When Andy got a call from VISA's security department, he was very impressed.

"This is Dick Hart and I'm an investigator from VISA. We have noticed unusual account activity on your credit card account. Did you purchase a smart phone from an online store in Oregon for $346.77?"

Andy told him, "No".

"Then we will be crediting your account for this purchase. You will see the credit on your next statement. Let me confirm your mailing address," and Dick recited Andy's mailing address.

Dick was a really friendly and informative guy. He told Andy that they have been watching this on-line store for quite some time and hope to have a few arrests, soon. He promised that he would file a fraud report on Andy's behalf. He provided a "Case Control Number" and told Andy he could call the 800 number listed on the back of his card, ask for the security department and give them that number if he ever wanted to check on the case. Andy felt confident that his account was in good hands.

Then Dick said, "I need to make sure you are in possession of your card. Do you have your card handy?" Andy said he did. "Can you tell me the three-digit security code on the back of the card?" Andy obligingly located the three-digit security code and read it off to Dick.

"That's it. Now, do you have any other questions for me?" Andy said no, thanked Dick for his diligence and then hung up the phone. But soon, Andy began to feel uneasy. Something didn't feel right.

The next day, Andy decided to call the 800 number on the back of his card. He asked for the security department and told the investigator that he wanted to check on a fraud report, giving him the Case Control Number Dick had provided. The investigator said they didn't have any case numbers like that.  Andy then asked to speak to Dick Hart. He was told there was no Dick Hart working there.

After Andy explained why he was calling, the investigator checked his account. There was a $346.77 charge made at an online store in Oregon on his account. The charge had been made the day before, a few minutes after Andy had ended his call with "Dick". Andy had been scammed into giving a crook the only piece of information the crook didn't already have - his 3-digit security code.

Both VISA and MasterCard have seen this scam resurge periodically, ever since they instituted security codes to facilitate online purchases more than a decade ago. The scam is a socially engineered fraud which relies on the crook having a certain amount of information about the victim, an air of authority and a credible story to get the victim to release even more personal information.

When someone calls you representing themselves as a fraud investigator, your banker or even police officer, take a moment and:

  • Think about the possibility of "social engineering".  Scoundrels use social situations to manipulate people. Don't automatically assume that a caller is who they say they are no matter what they seem to already know about you. Be skeptical.

  • Be wary of callers asking for personal information.  It's pretty easy these days for crooks to obtain pieces of information about you and to make up a good story around them. Don't be lulled into telling callers anything they don't already know.

  • Verify the caller using a trusted resource. Ask callers for their name, their department and their company or organization. Then hang up, obtain a phone number for their company from a statement, the company web site, or call information. Call the company yourself to verify that the situation the caller was calling about is legitimate.
Be wary when someone calls you unexpectedly, even if they sound like the good guys. The real good guys will not ask for sensitive information and will understand your caution

Microsoft Windows Support Telephone Scam

Written by Shawn Mosch, Co-Founder of and re-posted with permission. 

Most of us use our computers on a daily basis, and the idea of a virus in our computer is something that no one wants to deal with.  So what if a computer technical support service called you and warned you that they had detected a virus on your computer, and they were able to help you to rid your computer of that virus BEFORE it corrupted all of your files and documents?

This is one of the phone scams that is going around right now, and I know about it because they called my house twice this week.  When I answered the phone the person on the other end identified themselves as a Tech Support Specialist from Microsoft.  They knew my name and address, and they told me that they had detected a problem with my computer.  It just seemed strange to me that a company like Microsoft would be calling me to alert me to a virus on my computer, but I listened to what they had to say because I knew it had to be a scam and wanted to get some more information from them.  They wanted me to go to my computer and go to a website and that is when I told them that I knew that there was no problem with my computer.

After hanging up, I jumped on my computer and started doing some Google Research.  I found that this scam has been hitting people in the UK, Australia, South Africa and now it seems to have made it's way to the United States.  Had I stayed on the phone, the phony Tech Support caller would have directed me to look at some files on my computer that would have "proven" that I had the virus that they were calling about.  They would have then directed me to a website where I could download a file that would fix the issue, but what that file really does is allow them access to your computer!  Now they have all of your information!  And to top it off they will ask you to pay them for this service.

Microsoft has information about this scam on their website;

    Once they have access to your computer, they can do the following:

  • Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
  • Take control of your computer remotely and adjust settings to leave your computer vulnerable.
  • Request credit card information so they can bill you for phony services.
  • Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.
Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.

 As with anything, do your research first.  One intended victim indicated that when they spoke with the phone Tech Support person they indicated that they had 4 computers in their home, and asked which computer had the problem. The phony Tech responded that they could turn on any one of their computers to fix this problem.  This was a dead giveaway that it was a scam.

If you have been hit by this scam you should change your passwords, use a trusted malware scanner to remove any unwanted software from your computer and contact your bank and credit card companies.

Recognize & Report Telemarketing Fraud 

Find more info on: Scams and Identity Theft.

Enhanced by Zemanta

No TrackBacks

TrackBack URL:


Glad you brought this up. That 3-Digit Security Code Scam is very deceiving and it could easily fool anybody. With the scammer suggesting you can call the bank anytime to check, that's one way to encourage confidence from the victim. I feel sorry for Andy but I admire his concern about other people falling for the same scam and shred this experience.

I got a scam call like that but it was not as deceiving as Andy's. Call came from 704-271-2186 and that being an anonymous number and the man talking about my bank account, it was already suspicious. I told him the call was recorded and I'd let the police listen to it. Sure enough, he hung up. And when I looked up the phone number, I found it reported to for scamming. Check out what the victims have to say. Nice try, scammer.

Leave a comment

A memoir exposing the steep price consumers pay when facing mortgage servicing errors, inaccurate credit reporting, illegal debt collection practices, identity theft and weak consumer protection laws. THE BOOK » DENISE'S STORY »