Almost a week later, my husband and I are still reliving the nightmare.
Last Saturday, we fell victim to a phishing attack and were almost scammed out of $50,000.
It began with a text that read: “Capital One: Did you attempt to use your card for $1,782.03 at Best Buy? If you recognize this transaction, reply YES. If not, reply NO.”
Naturally, I replied in the negative.
Then came a follow-up.
“Capital One: Your card is restricted. Would you like to speak with a representative? Reply YES or NO.”
And so it began.
What appeared to be a very patient gentleman was in fact a very calculating thief hoping we would swallow the bait.
By some means he had accessed not only my cell phone number but also my checking and credit card accounts and charged outrageous amounts for laptops, cell phones, computer software and other electronic goods.
Viewing my statement, the charges were all pending.
His goal was to lure me into assuring Capital One I wanted the goods.
“That’s how we catch the thief, ma’am,” he said.
Though it seemed far-fetched, we admitted this was way beyond our ken and he must be right.
After all, the purchases were there in black and white.
We still shake our heads at our gullibility.
The guy was slick, claiming he worked for the credit company’s fraud department. How were we to know otherwise? After all, he’s the one who reached out to us to alert us of these charges.
Things began to feel fishy when he had me call the credit card company to “work” with an agent to OK the charges.
When I was on the call, he began texting me, telling me what to say.
I began to feel I was being led down a dark tunnel.
I said to my husband Brian, “This doesn’t feel right.” Why was I acting as the go-between?
All of a sudden, the clouds cleared as I was talking to a real agent.
The thief could feel he was losing his grip.
He texted me, asking what was going on.
I didn’t reply and then blocked his number.
He then started calling Brian, who followed in the same suit.
In his last message all professional pretext was dropped.
“We see you guys are denying our calls.”
We had gotten away, none too soon.
EVER SINCE, I’ve been learning everything I can about how to protect against credit card fraud.
Helpful tips include:
• Even when a frequent shopper at a particular online store, it’s safer to make your purchases as a “guest” rather than set up an account and have the website store your credit card information, which can increase chances of fraud and identity theft.
• Change your passwords frequently. Don’t use the same password on multiple sites. Never use personal information. Instead of a word, consider using a passphrase — a series of words that is generally longer than most passwords and could be easier to remember.
• When reading about goods and services, don’t click on the links, but type in the URL yourself into the address bar. Scammers who send phishing emails rely on us to click on the links to be taken as a retailer’s website when those links actually lead us to cleverly designed look-alike websites. The difference can mean you’re giving your user name and password to a cyber criminal.
The credit card company said it could take up to 90 days to clear all the charges.
In the meantime, our new cards should arrive any day.
In truth, I’ll be hesitant to use mine.
