Watch Out For Scammers Pretending To Be Your Credit Card Company's Fraud Department

This should have been one of the first things your parents told you about avoiding scams, but in case they were busy watching TV or something — here you go:

When a strange person calls you on the telephone claiming to represent a company you do business with and asks you to give them sensitive personal information, tell them that you’ll call them back on the regular customer service number that you usually use to contact them.

From CBC:

Ottawa police Sgt. Mike McCormick said fraudsters are now calling customers claiming to be from the fraud department of their credit card company.

“We know as a general public that there’s a lot of fraudulent activity on credit cards and debit cards, so when we start hearing … your financial institution calling you ask you for specific information and providing information that nobody else should know, it brings down our wariness,” said McCormick, who is with the organized fraud section.

He said investigators are seeing a steep increase in reports of a scam in which a caller names an unusual big-ticket item and asks if the customer has recently purchased it.

When the customer says no, the caller says the company involved has been cropping up in a lot of suspicious transactions.

The caller provides a reference number for the customer’s file and give the customer a 1-800 number to call.

He or she also asks the customer to confirm that they still have the card by providing the three-digit security code marked on the back.

Fraud investigators say no legitimate credit card company will ask you for that code.

McCormick said the fraudster typically already has your address and credit card number, usually from dumpster diving for receipts and bills.

Scammers are good at pretending to be your credit card company. Don’t fall for it.

Callers use fake fraud to gain credit card security codes [CBC]


Edit Your Comment

  1. B1663R says:

    that’s kinda weird that the local Ottawa Police would issue a bulletin like this. normally it would come from the RCMP.

    talk about not trusting your source.

  2. t325 says:

    I got a phishing e-mail at work today that claimed to be a bank’s fraud department that told me my card was deactivated due to fraudulent activity and to call some 1800 number it gave to reactivate it. So for the hell of it I called it, entered some fake card information and hung up. The sound quality on the call was absolute crap (I was calling from a landline), static and breaking up and stuff, so that call ended up going who knows where. The voice on the other end was a computerized text-to-speech one that you could tell was fake. Nonetheless, I’m sure some people will fall for it

  3. @t325: If they call me, I’ll give them a bogus three-digit code just to see if they say, “hmm…ok.” That would be hilarious.

  4. Chols says:

    i just can’t wait until the people who have so many millions of dollars overseas needing a bank transfer stop emailing me!

  5. Blinker says:

    People who are dumb enough to fall for these scams that have been going on for 10 years or so deserve to get taken for all they have. You hear about these scams all the time, I just cant see how anyone would be dumb enough to fall for it. These are right up there with the Nigeria scams

  6. ConsumptionJunkie says:

    How gullible do you have to be to fall for these scams? It’s too bad more people don’t read the Consumerist.

  7. jscott73 says:

    “Callers use fake fraud to gain credit card security codes” – umm, is “fake fraud” like “not really fraud”?

  8. t325 says:

    @Blinker: I work in IT at a university, and recently had to help a professor after he fell for a phishing scam and sent his university userid and password to someone. He barely spoke English (which is a complaint I have, how can a professor teach American students when they barely speak a single word of English, but I digress), but I can’t fault him too much because he probably simply didn’t understand all the warnings we’ve sent out and that he’s heard over the years. Sure, there’s some common sense involved, but still, there’s a language barrier. One of the best examples of a phishing e-mail is poor grammar and broken English, which the e-mail he replied to had. But when he could barely understand the language, how the hell is he supposed to know that “dear sirs or madame, i from university department of security. we do account audit and find your account need audit please reply to mail with username and password or account will be closed” is terrible grammar?

  9. eightfifteen says:

    Well, there’s the Barnum way to look at it, “a fool and his money are soon departed”

    Then there’s the South Park way to look at it and say the Canadians deserve it, with their beady little eyes and flapping heads.

  10. tricky69 says:

    People hacking is nothing new.

  11. sharding says:

    Sadly, the banks are making it harder and harder to verify this kind of thing. At least one of my banks has outsourced the part of the operation that deals with contacting customers about fraud. When I recently received a call from them, I looked up the number that showed on my caller-id and found no relationship to my actual bank. And when I called the bank’s normal customer service number, the rep had no idea what I was talking about. Thankfully, I was able to get ahold of a rep who knew what was going on and was able to verify that the call was legitimate. But they’re really making it difficult for customers to do the right thing here…

  12. dreamcatcher2 says:

    one problem is that my credit union contracts out its card fraud services… the number they will leave me when asking me to verify a transaction is actually not my company’s regular service number, and belongs to a different company. But it’s still legitimate.

  13. sean77 says:

    I’ve actually had someone similar call and ask for my credit card number to “verify” my account. I told them my credit card number was “6”.


    “Yes, Six. I’ve had it for a very long time.”

  14. chemmy says:

    I just had a random number call my cell phone so I answered it. Weird area code I’ve never heard of.

    I answer and it’s a recording telling me there is a problem with my Verizon account and please call some other random number to verify my personal information so they can fix the problem.

    I’m so sure….

    If there is a problem, Verizon tells me when I log in to pay my bill or they text me about it….


  15. carolott says:

    It doesn’t help when your own bank pulls a stunt that matches the phishing scam.

    One day after I bought a laptop, I came home to a message on my voice mail — it was “Wachovia Fraud Department” and they left a 1-800 number to call. I called the number, and a computerized voice answered — “PLEASE ENTER YOUR CARD NUMBER.” That was it. No “Hello, thank you for calling Wachovia Bank…” nothing.

    So I figured it was a scam, and I hung up and called the regular Wachovia customer service number — turns out no, that’s really the fraud department number, and they were calling to verify a couple of large purchases I made that day.

    The whole thing seemed shady to me, and I’m glad I didn’t enter my card number, even if it really was my bank.

  16. Parting says:

    Happened to me couple of days ago. Only I DON’T have the credit card they were trying to tell me was ”compromised”. This was pretty obvious.

  17. Parting says:

    @Blinker: Don’t be an ass. There are a lot of older people who are pretty technologically handicapped. And they are afraid of technology, so they tend to trust people on such subjects. Scammers usually prey on most vulnerable people, and not your average Joe.

  18. StevieD says:

    Never say Yes.

    Never confirm any information.

    Always use the standard number listed on your card or written bill to contact the company.

    Oh, BTW, always tell the caller that you will call them back on the standard line as an attempt to avoid being scammed. Scammers just love to hear that you know their name and MO.

  19. ironchef says:

    I usually let them know my Nigerian banker usually handles all my transactions.

  20. sventurata says:

    Attention banks: cardholders HATE the different 1-800# line for fraud… why not route calls through customer service line and use the voice prompts to direct the call to the fraud department? I mean, come on.

    Also: I’ve worked for legit banks that solicit personal information on outbound fraud verification calls as “customer service.” Never mind that fraud is not a customer service department. If we didn’t update contact information and add missing passwords, quality docked us hard.

    So, Consumers: call the number on the back of your card. Don’t be snooty about it, just disconnect the call and briefly check in with the “legit” bank. Don’t ignore the call, hang up, or deliver a speech on “f***in telemarketers”… or your card may mysteriously cease to work shortly thereafter.

  21. AnderBobo says:

    This is a really tricky issue. I used to work in the fraud dept of a major Bank and they would tell us that these scammers basically have our exact script down line for line, and when it is the bank calling somebody people are so much more skeptical than if it were the consumer who called the bank. The whole fraud detection system did seem kind of like a scam, we would call a customer and then ask them for their SS# to verify their account, so no wonder so many people hung up on me, but it’s what we had to do.

    The only thing we could recommend was that the consumer call the toll free number on the back of their card so they feel more secure. But yeah, the scammers really have this one down to an art.

  22. heavylee-again says:


    You deserve a swift kick in the nads as much as “People who are dumb enough to fall for these scams that have been going on for 10 years or so deserve to get taken for all they have.

  23. Darling says:

    @Blinker: Hey, that’s my mom you’re talking about there!

  24. Mr. Gunn says:

    I’m starting to reach sympathy fatigue for the kind of people who still fall for this crap, over a decade after it has become widespread.

  25. sventurata says:

    @AnderBobo: They made you ask for SSN?! Man, that must have been uncomfortable! (But we’re prohibited from using the whole # as verification by national privacy law, so maybe I’m overreacting…)