We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Scam call - they knew all about me

Options
2

Comments

  • TVR450
    TVR450 Posts: 7 Forumite
    Fourth Anniversary Combo Breaker First Post
    Ah, interesting they only ever quoted be the last 4 digits of the card number.
  • DullGreyGuy
    DullGreyGuy Posts: 18,613 Forumite
    10,000 Posts Second Anniversary Name Dropper
    TVR450 said:
    Ah, interesting they only ever quoted be the last 4 digits of the card number.
    So they tricked you into thinking they had the whole number but only actually had the last 4 digits which they could get by going bin diving. Some card receipts even have the cardholders name on them, as long as it isn't A.Smith a bit of detective work and assuming the person lives relatively local to where the receipt was found and it wouldn't be hard to make that call to you; people post far too much on social media etc!
  • jimjames
    jimjames Posts: 18,648 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    TVR450 said:
    Ah, interesting they only ever quoted be the last 4 digits of the card number.
    The most commonly stored part of the card data, points back to retailer breach again
    Remember the saying: if it looks too good to be true it almost certainly is.
  • TVR450
    TVR450 Posts: 7 Forumite
    Fourth Anniversary Combo Breaker First Post
    Ah, interesting, he only ever mentioned the last 4 card digits.
  • TVR450
    TVR450 Posts: 7 Forumite
    Fourth Anniversary Combo Breaker First Post
    AmityNeon said:
    TVR450 said:
    Yes, ok, the only part they did not manage was to convince my phone provider to send them a new SIM, then they could have received the OTP themselves.  I guess they did not manage to work out who my phone provider was or my security is good enough on my phone account.
    How do you know they attempted to take over your mobile number?
    I don't to be honest.  That was just speculation that the scam would have worked if they had taken over my mobile phone account.
  • AmityNeon
    AmityNeon Posts: 1,085 Forumite
    1,000 Posts Second Anniversary Photogenic Name Dropper
    TVR450 said:

    Ah, interesting they only ever quoted be the last 4 digits of the card number.

    So they tricked you into thinking they had the whole number but only actually had the last 4 digits which they could get by going bin diving. Some card receipts even have the cardholders name on them, as long as it isn't A.Smith a bit of detective work and assuming the person lives relatively local to where the receipt was found and it wouldn't be hard to make that call to you; people post far too much on social media etc!

    How did the scammers initiate the Santander OTP for a £1,500 transaction? I doubt a phishing text would make it so blatantly obvious that it was for a high-value transaction completely unrelated to the phone conversation.

  • AmityNeon
    AmityNeon Posts: 1,085 Forumite
    1,000 Posts Second Anniversary Photogenic Name Dropper
    edited 3 October 2024 at 5:18PM
    TVR450 said:
    AmityNeon said:
    TVR450 said:

    Yes, ok, the only part they did not manage was to convince my phone provider to send them a new SIM, then they could have received the OTP themselves.  I guess they did not manage to work out who my phone provider was or my security is good enough on my phone account.

    How do you know they attempted to take over your mobile number?

    I don't to be honest. That was just speculation that the scam would have worked if they had taken over my mobile phone account.

    Indeed it could have. I recommend a second mobile phone number that's strictly reserved for banking and 2FA, and never revealed to any contact. Modern phones can support Dual SIM Dual (Standby/Active) and PAYG SIMs are very cheap to maintain connectivity. Whilst it won't stop rogue employees, at least your mobile number that's likely been uploaded by your contacts to countless databases won't be associated with your banking.

  • AmityNeon said:
    TVR450 said:

    Ah, interesting they only ever quoted be the last 4 digits of the card number.

    So they tricked you into thinking they had the whole number but only actually had the last 4 digits which they could get by going bin diving. Some card receipts even have the cardholders name on them, as long as it isn't A.Smith a bit of detective work and assuming the person lives relatively local to where the receipt was found and it wouldn't be hard to make that call to you; people post far too much on social media etc!

    How did the scammers initiate the Santander OTP for a £1,500 transaction? I doubt a phishing text would make it so blatantly obvious that it was for a high-value transaction completely unrelated to the phone conversation.

    Don't think OP has confirmed but if scammers had acquired full card details from OP (having been given last 4 digits) then that would be used on online site to initiate purchase of shiny thing, triggering Santander to send OTP which scammers want read out to them. 
  • AmityNeon
    AmityNeon Posts: 1,085 Forumite
    1,000 Posts Second Anniversary Photogenic Name Dropper
    AmityNeon said:
    TVR450 said:

    Ah, interesting they only ever quoted be the last 4 digits of the card number.

    So they tricked you into thinking they had the whole number but only actually had the last 4 digits which they could get by going bin diving. Some card receipts even have the cardholders name on them, as long as it isn't A.Smith a bit of detective work and assuming the person lives relatively local to where the receipt was found and it wouldn't be hard to make that call to you; people post far too much on social media etc!

    How did the scammers initiate the Santander OTP for a £1,500 transaction? I doubt a phishing text would make it so blatantly obvious that it was for a high-value transaction completely unrelated to the phone conversation.

    Don't think OP has confirmed but if scammers had acquired full card details from OP (having been given last 4 digits) then that would be used on online site to initiate purchase of shiny thing, triggering Santander to send OTP which scammers want read out to them.

    The quoted line of conversation was along the assumption that the OP was tricked into thinking the scammers had the whole card number but only actually had the last 4 digits; hence the question.

  • PRAISETHESUN
    PRAISETHESUN Posts: 4,864 Forumite
    Sixth Anniversary 1,000 Posts Photogenic Name Dropper
    AmityNeon said:
    TVR450 said:
    AmityNeon said:
    TVR450 said:

    Yes, ok, the only part they did not manage was to convince my phone provider to send them a new SIM, then they could have received the OTP themselves.  I guess they did not manage to work out who my phone provider was or my security is good enough on my phone account.

    How do you know they attempted to take over your mobile number?

    I don't to be honest. That was just speculation that the scam would have worked if they had taken over my mobile phone account.

    Indeed it could have. I recommend a second mobile phone number that's strictly reserved for banking and 2FA, and never revealed to any contact. Modern phones can support Dual SIM Dual (Standby/Active) and PAYG SIMs are very cheap to maintain connectivity. Whilst it won't stop rogue employees, at least your mobile number that's likely been uploaded by your contacts to countless databases won't be associated with your banking.

    I'd also recommend setting up/changing the default SIM PIN to protect against SIM swapping attempts. It's not foolproof, but it slows things down if it gets to the point of a scammer actually managing to hijack your SIM.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.9K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.9K Work, Benefits & Business
  • 598.8K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.2K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.