A text message arrived earlier, alerting me that my bank card starting with 511182 had been deactivated. I should call 888-950-5553 to reactivate.
888-950-5553
I knew this was bogus, though I might not have been so immediately sure of its bogosity had the same thing not happened to D several months ago, and also on a Saturday. She received a text message alerting her that her account had been compromised, and to call a toll-free number to restore access. The wording, as I remember it, was virtually identical to the message I got, and she quickly found that it was just another type of spoofing scam.
Other clues about the text message seemed to point to its sketchiness. The random capitalizations of first letters did not seem right, and the way it tried to identify my card number with its first 6 numbers and not the last 4 or 5 numbers seemed uncharacteristic of a legitimate bank communication. Nevertheless I checked my card and of course found that I have no account number or bank card that begins with 511182. I then looked up the toll-free number on some search engines and found nothing of any substance, though I would not consider search engine presence as proof of anything conclusive.
I knew it was fake but I decided to call the number anyway, just to see what it sounded like, and to see how the scam was supposed to unfold. I did not call from my cell phone or land line. I called from a payphone. I did not want Caller ID phishing (if that was a part of the scam) to deliver any personally identifiable information of mine to the fraudsters.
The first time I dialed the number I got a message saying all circuits were busy. I called again and when it rang I was immediately tipped off by something that might be considered pretty subtle: The phone rang once, and then quickly rang a second time. To me this suggested that the call was being forwarded to somewhere else. The guttersnipes must have hijacked a dormant or unused toll-free number and used its voicemail software to forward calls to their Call Center of Iniquity. If this was true then it answered my only real question about this scam, which was how an outlaw operation was allowed to get a toll-free number. I am sure it happens but my guess is that they did not own the 8889505553 number, but likely used common phone phreaking or social engineering techniques to take it over from someone else. I could be wrong about this but it made sense as it passed through my stream of consciousness.
I notice that this alert came on a Saturday, as did the similar alert D received some months ago. Our two incidents do not a valid sample make but if it represents a broader pattern then it might suggest that the voicemail system and toll-free number — if they were in fact being hijacked — were being used while its owners are out of the office or otherwise unawares.
A pathetic sounding robot voice answered and announced that I had reached “Chase 24-hour Card Activation.” To enter my credit card number I should press 1, to hang up press pound, and I think there was another option. To me it sounded crass and phony but I could see where someone in a panic might not listen to the nuances of the automated voice attendant and instead simply head straight to the escape route of re-activating their allegedly dead card. I would also guess that people enter their credit card number without comparing the first six digits of their card to the 6 digits in the text message, either because they don’t have the card with them or because people are more inclined to believe that their bank account information will get stolen then they are inclined to believe that it will not get stolen.
A real bank would not simply send you a text message. They would more likely call you, leave a communication in your online banking, or even mail you a letter. Nevertheless people do choose to get urgent alerts from their financial institutions sent to their cell phones. My identity theft insurance claims I will get a text message if anyone tries to open an account using my personal information. This has not happened — and I doubt it ever will because I have more confidence in the crooks’ ability to bypass these systems than in the banks’ abilities to maintain them — but something in me did perk up in the first instant that I saw this message.
I am sure this scam works.
4 Comments »
RSS feed for comments on this post.
I spoke to Chase Bank today after I received the same message. Total scam. Oddly, it happened 1 day after I sent a text to Chase requesting my balance. Scum of the Earth!
Comment by fish — October 30, 2009 @ 9:48 pm
Strangely enough this happened to me within minutes of receiving a new Chase credit card in the mail. I had not called to activate that card yet when my cell phone lit up with a message from Chase. I still didn’t fall for the text message scam but the coincidental receipt of a new card from Chase added to the sense that something possibly bad was happening.
Comment by sorabji — October 30, 2009 @ 9:53 pm
I also received this — and found your post by googling the 888#.
I wonder what we can do? I wouldn’t even know which authorities to alert to be honest …
Comment by Anittah — November 2, 2009 @ 11:48 am
if i was motivated enough i’d contact Chase. i have alerted Chase to these type of things in the past and they seemed to take it pretty seriously
Comment by sorabji — November 2, 2009 @ 12:34 pm