Credit Card Frauds: A Real Close Shave!

Only the other day we were discussing with a few bankers about the fact that online frauds or crimes are still very low in India compared to advanced countries. We justified this with another fact that millions of Indians are still ignorant or have no online presence. And just the next day I had a close shave from a potentially serious credit card fraud. We have heard a lot about card protection in terms of safeguarding against phishing or seemingly genuine emails asking for personal information, dubious text messages, stolen or lost cards, taking care while shopping or at the ATM machine, skimming and so on. But to find out what exactly defines my experience I had to surf the net for a while finally resting on a term ‘Tele Phishing’. 

During a very busy day in office I received a call from a lady who identified herself as a bank executive of the private bank with which I had multiple and most frequently used credit card accounts. As I had been used to getting such calls from very similar sounding lady executives I took the call casually while going on with my work. The lady informed me that as per the RBI guidelines the bank had decided to issue a new card replacing my multiple accounts and the new card had a host of benefits with no payment liabilities. 

I had three weak points at that point of time: 1. I was attending the call in a casual way not disturbing my office work; 2. I did not suspect her identity as a bank executive while noticing that she had called me from a mobile number, and 3. I in fact wanted a single account since I was using only one particular credit card all the while and did not need the other cards. And the smart lady capitalized. 

I started giving all information as she wanted including date of birth, card number and the three-digit CVV (Card Verification Value) number on the back of the card. The executive informed me that there will be such amount of reward points and a onetime payment that would be reflected in the statement but would be adjusted against the reward points. One part of the reward points would be paid by the bank in cash. I was also told that a business firm would call me for my confirmation so that the gifts could be couriered to my home address. Indeed, the supposed business firm called immediately and gave the list of my gifts like T-shirt, credit card pouch, wrist watch and so on. Then the lady called me again that the bank has sent me a text message containing a six-digit number the last three digits of which would be the CVV of my new card. I saw the private bank name in the sender ID of the text message and so assured read out the number to her. 

Maybe the lady executive and her accomplice had one weakness at this point—they were becoming too greedy. 

She called again asking for my second credit card details. I was piqued at that time and asked her how many cards were going be issued since she earlier told me that one single account would replace all others. She quickly told me that two cards were being issued. I was not convinced, but at that time the office peon came in with a bunch of papers for signature and so I went on with her while doing my work. The same process was repeated including the bank text message containing the second six-digit number. 

Suddenly I developed cold feet realizing that I had given all crucial information of my cards. Immediately I checked the text messages sent by my bank and to my horror I found that those contained OTP (One Time Password) numbers which are generated during online transactions. 

Fearing that transaction alerts amounting to God-knows-what figures might come any time I panicked and with trembling hand dialed the bank customer helpline. Luckily I got to speak to a customer service executive immediately. I asked him if the bank was going to issue new cards rushing through my experience. The executive was not sure and so I immediately requested him to block all my cards and not entertain any transaction that could come any moment. 

I got one more text message from the bank containing another OTP. The smart lady called up next requesting me to tell her the number informing me that the earlier number was invalid. I wanted to make sure one final time. I asked her ‘Where are you calling from?’

‘From …. bank’.  She replied, a little surprised.

‘Prove that you belong to the …..  bank.’ She fell silent.

‘Prove or I’m giving your number to the police right now.’ The line was cut instantly. 

I think credit card protection is hardly enough even now. The banks should adopt preventive measures, issue regular notifications and should announce that their executives will call customers always from authorized office landlines and not mobiles. In my experience real executives did call from mobiles at times. 

I had a close shave. You should learn from this and prevent such frauds. Be ready anytime to thwart tele phishing or any other attempts to fool you. The numbers that were used in this fraud are, 08459490706 for the bank executive and 08130486175 for the trader. Seem to be purely Indian and this means fraudsters are trying to make it big in India now. Beware!