Trending Now
It’s a sad fact of life that scammers are everywhere and they’re doing everything in their power to separate you from your money.
And some of them are better at it than others, as you’re about to see.
A man named Pieter Gunst took to Twitter to tell his story about a very dangerous and very believable scammer.
This is how the scam started.
Oooof. Was just subjected to the most credible phishing attempt I've experienced to date. Here were the steps:
1) "Hi, this is your bank. There was an attempt to use your card in Miami, Florida. Was this you?"
Me: no.
— Pieter Gunst (@DigitalLawyer) October 7, 2019
These folks had obviously done their homework.
2) “Ok. We’ve blocked the transaction. To verify that I am speaking to Pieter, what is your member number?”
Me: <gives member number> (that number, by itself, is useless).
— Pieter Gunst (@DigitalLawyer) October 7, 2019
Somehow they were able to send him a verification pin from his bank’s number.
3) “We’ve sent a verification pin to your phone.”
~ Gets verification pin text from bank’s regular number ~
Me: <reads out the pin>
— Pieter Gunst (@DigitalLawyer) October 7, 2019
The person on the other line continued…
4) “Ok. I am going to read some other transactions, tell me if these are yours. ~ Reads transactions ~”
Me: Yes. These are all legitimate transactions I made
— Pieter Gunst (@DigitalLawyer) October 7, 2019
Then the person asked Gunst for his PIN number and he refused.
5) “Thank you! We now want to block the pin on your account, so you get a fraud alert when it is used again. What is your pin?”
Me: Are you effing kidding me, no way.
— Pieter Gunst (@DigitalLawyer) October 7, 2019
Luckily, he realized that this was indeed a scam and that, if he’d given them his PIN number, he would have been in BIG trouble.
6) Ok! But than we can’t block your card
Me: that is bs.
~ hangs up, calls the fraud department of bank ~
— Pieter Gunst (@DigitalLawyer) October 7, 2019
This was a pretty elaborate ruse.
–> Once I gave my member number, the attacker used the password reset flow to trigger a text message from the bank.
–> They used this to gain access to the account.
–> Then read some of my transactions to give the call more credibility— Pieter Gunst (@DigitalLawyer) October 7, 2019
He believed the whole thing was legit until they asked for his PIN number.
–> Needed the pin to send money, failed at that step.
–> Everything before the “what is your pin” seemed totally legitimate. English was perfect. The bank verification code, sent by the expected number, tricked me.
–> The asking for my pin over the phone… not so much.— Pieter Gunst (@DigitalLawyer) October 7, 2019
Remember to always be aware of these kinds of scams so you don’t get ripped off!
Stay safe out there people.
And now… joyfully resetting all my passwords, filing a police report, getting additional fraud detection in place.
Never a dull moment!
— Pieter Gunst (@DigitalLawyer) October 7, 2019
Wow, that was pretty close.
Keep your eyes open out there, folks! You have to be vigilant because there are scammers everywhere.
Have you ever fallen victim to a scam? Or ALMOST fallen victim?
Please share your stories with us, we’d love to hear from you. Thanks!