Site icon inlineVision: Web Development / E-Commerce / PPC | Las Vegas, NV

Citibank and Other Bank Scam Text Messages

We’re in the middle of what is without a doubt the most chaotic chain of events in modern times; and while a lot of people struggle to pay their bills or feed their families, scammers see new opportunities.

Maybe because I still remember having to pay for every single message or having to press every key multiple times for one single letter I am still conditioned to avoid unnecessary messaging.

But during these interesting times, where “social distancing” is the new normal, where most banks are by appointment only and trying to call your bank’s support is almost as successful as trying to file for unemployment – communication via text messaging has become the new preferred way to “interact”.

And the more socially acceptable something is, the more certain shady characters will be working on new ways to exploit it.

Enter the text message scammers

This scam method isn’t new; but due to the “Stay-At-Home” orders and the related immense jump in online ordering and other cashless services, the amount of scam text messages has also increased dramatically.

Needless to say, CITIBANK would never send you a text message like this.
They would never use some-crappy-email from some-crappy-domain-name as the sender.

All of the “sender-domains” used are either for sale or cannot be resolved at this time (please note that the domain owners are probably completely innocent in this); so why not see what happens when you call the phone numbers?
NOTE: Please do not use your real phone number to call.

Let’s call the Scammers


One of the numbers disconnected immediately, the other 2 had the exact same recording and procedure at the other end (most likely route to the same system).

This is how it works:

*Computer voice: This call will be monitored and your voice may be used for verification purposes

CV: Welcome to CITIBANK (yeah, right)
CV: Please enter your 10-digit phone number

Other things you’re asked to type in during the call:
PIN
CVV
Exp Date
ZIP Code
Last 4 of SSN
They also want you to say and spell your name as well as your mother’s maiden name.

Please note that:
– I did not use my regular phone number to call
– I typed some other scammer’s phone number when their “system” asked for my number (random numbers didn’t work)
– I used a fake credit card number generator to create a “valid” credit card number (I tried random numbers, didn’t work)
– Everything else seems to accept random (but logical) numeric values. E.g. I used 123 as CVV, 12345 as zip code, etc.
– I did not enter or say anything when prompted to say or spell my name other than click the # key.

Listen to the full audio of the call here:
https://inlinevision.com/wp-content/uploads/2020/04/scam-hq.mp3?_=1

Summary

Familiarize yourself with the procedures, wording and other security features your bank uses to communicate with you.

DO NOT share any personal or identifying information over the phone, over the internet, or via an automated system UNLESS you are 100% sure the recipient is who they say they are.

Scammers: see NRS 200.620.

Related Posts

Beware of the Experts: Buy Twitter Followers &#821…

Website Hacks & Security: A Reality Check

Latest WordPress Vulnerability: One-Liner To Remov…

List Of New Vulnerabilities Leads To More Website …

Exit mobile version