It’s not safe anymore to call the phone number on the back of your credit card. Fraudsters now have a way of diverting your call to them. To be clear, you can’t trust the phone number on the back of your credit or debit card. When you call your card company, be on guard for crooked actors.
Real-Life Case. Dialing the number on the back of the card, in this real-life case, connected to a man with an accent, which is normal. Christmas was less than a week away and he read a script saying a free $100 gift card was being sent to everyone calling in, as a thank you to loyal customers. He will pass me on to someone who could help me with my question about my account, but first, he said: “Please just provide an address to send your $100 gift card and a card that we can bill for the $2.99 shipping fee.” The cardholder name, address and card number had to be repeated and recorded one at-a-time, which seemed like a rigorous identity validation. Then, he said they have one other special offer for just $29 a month. Suddenly, this call seemed very odd, so I hung up. Did I dial the wrong number? No, my outgoing call log showed the bank number was dialed correctly.
A New Fraud. This appears to be a new type of consumer fraud. Googling “hijacking bank phone numbers” and related searches in December 2022 did not return any results referencing reports of similar telemarketing fraud incidents.
Bank Statement. Because the bank is a victim in this case and its authentic representatives did not know they were talking to a financial journalist who would write about the incident, the bank’s name is not disclosed. It is one of the largest banks in the U.S. Reaching the bank required dialing the number on the back of the card several times. The first attempt was answered and abruptly hung up on. On the next try, no one answered. After a couple more attempts, an authentic-sounding automated message system answered my call and eventually I was connected with a bank security team representative, who confirmed that this was a new type of fraud. The bank immediately blocked my card from being used and sent me a new one that arrived the next day.
Proper Protocol. Before the bank security team representative would answer any of my questions, my identity had to validated using a one-time password (OTP) sent to my cell phone. Two-factor authentication is a commonly used anti-fraud tactic. If your bank security department does not use two-factor authentication before talking to you about your account, be wary. Ask the bank representative to tell you the last place you used your debit or credit card to validate that you are indeed speaking to your bank.