Every now and then a blog topic appears out of nowhere, looks you in the face, and says BOO! Our credit union called on Sunday to alert us to possible fraud on one of our cards. They took us through the process of verifying a few suspicious transactions. Then they put the account on hold and began the process of issuing new cards. It was the usual over-the-phone slog. Provide member number here, confirm home address there, several requests of “Can you please hold for a minute?”, and so on. But “so on” went from minutes to tens of minutes. Suddenly it occurred to us: the credit card fraud was happening right in front of us.
If you’ve ever been a victim of fraud in any of its forms, it’s one of the most unsettling feelings I can ever describe. These cyber-thieves might as well just walk through your front door and help themselves to whatever they want. The fact that your phone sits on the counter patiently awaiting calls suggests you are open to the opportunity on any day, at any time. In this case I’m convinced the hack was deliberately timed. We were preparing dinner for visiting family on a weekend night. My wife and I were dashing about the kitchen with last-minute preparations The last thing we had time for was a phone call.
Trust can be established in the blink of an eye. The Caller ID on my wife’s phone showed the word-for-word name of our credit union. The caller identified himself in a business-like voice as an agent from the union’s fraud department. And shortly after calling, he sent us the typical text messages we’ve come to expect in these situations, showing our credit union’s logo and other validating information. In those first few moments of interaction, when your mind is focused on dinner and fraudulent charges, it just doesn’t occur to you to question the caller himself.
Of course, we committed a cardinal sin of fraud by simply answering the phone. Our credit union never has a live agent call us when they suspect fraud. Instead they leave a recorded message asking us to call back to verify the charges. When we call back we answer a few questions through an automated system, and the credit union takes it from there. Zero interaction with a real person from start to finish.
If there’s any good news in this experience, it’s that our Sunday evening caller didn’t succeed despite his determined efforts. After cutting short the call we promptly contacted our credit union and learned that yes, in fact, fraudulent charges had just been attempted on our card… and were declined. Whatever security bells and whistles were put in place to detect and deny this kind of activity worked exactly as they were meant to. But the fact remains, we pretty much opened the front door, greeted the scammer, and said, “Hey, come on in!”
The counter tactics for this sort of plunder are plentiful, of course. Some credit cards no longer use a static 16-digit number or security code. Most allow two layers of authentication before access. Others churn out text messages or emails when charges are considered suspicious. Then again, you can simply do what my mother-in-law does and pay for everything in cash. Not a bad idea to be honest, as long as cash remains an acceptable form of payment.
It’s disheartening to live in a world where others are desperate (or evil) enough to develop sophisticated, practiced methods to steal by simply getting you to pick up the phone. In truth, this bandit has done me a favor. He’s heightened my awareness to such card tricks by his single invitation to sit down at the table and play. The next time this happens (and there will be a next time) I’ll be watching the cards very carefully. And you can bet I’ll be watching the magician himself even more so.
Life In A Word 