Years ago, I was sitting at my desk in the office when I received a call from my credit card company. They were confirming if I charged successive transactions totaling P60,000 in a gasoline station using my plastic. My heart stopped beating and I broke out in a cold sweat.
See, I do not even drive to work. Not only was gasoline expensive but parking fees would break my personal budget. On the days I have to bring a car, I find myself having to choose between paying for full day parking or eating lunch.
So I frantically opened my handbag, looked for my wallet and was so relieved to see my credit card right where I last left it. Because I had my credit card with me, and transactions at gasoline stations required a card to be swiped, I was cleared of any wrongdoing.
But that favorable decision did not happen in an instant. I spent nights – and days – worrying about having to pay for something I did not spend. As a junior executive, that was a small fortune for me. It would wipe out my savings and I was looking at months of instant noodles for lunches.
This is why I really empathized when a couple of days ago, a reader victimized by voice phishing reached out to me. His credit card was charged with several transactions amounting to over P160,000 in online shopping and mobile payments. Several of the charges involve a delivery service that is not even available in the province where he resides. He has had trouble sleeping and has no idea where to begin to resolve this.
With his mention that he was a victim of voice phishing, I can only assume that a fraudster was able to speak to him on the phone, and managed to coax out of him personal and financial information. Then these were used to make the unauthorized transactions. And because he did share the confidential information, per terms and conditions governing use of credit cards, he is liable for the charges.
I’ve given him advice on how to pursue the matter and hopefully be spared of the liabilities as I was back then. Voice phishing appears to be escalating these days, as I have received several attempts on my mobile phone just last week.
With voice phishing, fraudsters make a phone call and ask their target for information they can use to hack into your financial account. Do not be tricked into giving your personal information to such requests.
Here are five things your credit card company – when calling you - will never ask over the phone.
#1 Your bank will never ask information through emails, calls, or SMS
Remember all the forms you had to complete when applying for a credit card? That means your bank already has the information on you. So why would they ask again over email, SMS or a phone call? If you get a call out of the blue, hang up immediately. Then call your bank’s hotline to report it.
#2 Your personal information should stay personal
In this age of social media, fraudsters can easily piece together information on individuals who share their birthdays, addresses, parents’ and spouses’ information, even marital status online. Be careful what you share, where you share and how much you share. For example, does your Facebook account need to have your birthdate in Month, Date and Year? Birthdates are one of the most commonly asked questions to verify account identity so think it through before you post.
#3 Treat your account information like cash
Will you stand in a street corner and hand out cash? Not likely right? Then why do the same with your account information? Do not share your log-in account name, your log-in password, your account details just because someone called saying they are from your bank and promises to give you higher credit limit or for a chance to win in a raffle. Verify these offers in your bank’s official website or by calling their hotline. When you initiate the contact, you can better verify the identity of the person and company on the other end of the line.
#4 Guard those 3 digits at the back of your card
Not all transactions are made with a card swipe. Most online transactions or mobile payments will ask for the 3 digits at the back of your card to verify. Make sure this combination is known only to you so do not leave your credit card lying around. Do not take photos or make copies as well and share with others.
#5 One Time Passwords are for your eyes only
Scammers also attempt to ask for the One-Time Password (OTP) that many banks now send to the account holder’s registered mobile number. After your log-in password, or cash advance PIN, the OTP is a second level of account protection designed for your account safety. Because fraudsters are becoming bolder and more ingenious, they know that most banks will not allow transactions to push through without both layers so they also ask you to request for OTP and disclose to them.
But did you know that even your bank will not ask you for your OTP? When this is sent to your phone, they will ask you to key it in – not say it out loud. So if you were fooled into sharing the first layer, hang up on anyone who tries to steal this information from you too.
If you receive an email, SMS or a call requesting for account information, report it immediately. If you get a One-Time Password (OTP) via SMS when you’re not currently doing any transaction, most likely, there is an ongoing unauthorized use of your card. Again report it to your credit card company.
Account security is a shared responsibility. Your bank is doing its share, so it’s important that you also do yours. Stay on top of your account and protect yourself from scammers.
Disclaimer: The views in this blog are those of the blogger and do not necessarily reflect the views of ABS-CBN Corp.