Jennifer
Phishing scams are nothing new, but since everyone is getting wise to the methods criminals use to gain access to your bank accounts and other important financial accounts, those who perpetrate these crimes are having to get much more creative.
In fact, they’re getting so good at coming up at new ways to steal your information and your money that a seasoned lawyer almost fell for it.
In a now-viral Twitter thread, attorney Pieter Gunst revealed that while he has been the target of these scams before, the most recent one, which he called “one of the most credible phishing attempt[s he] experienced to date,” caught him off guard and almost succeeded until he noticed one major red flag.
2) “Ok. We’ve blocked the transaction. To verify that I am speaking to Pieter, what is your member number?”
Me: <gives member number> (that number, by itself, is useless).
— Pieter Gunst (@DigitalLawyer) October 7, 2019
Gunst revealed that the caller asked if his card had been used in Florida, to which he said no. The scammers then claimed that they’d blocked the transaction in question but asked him his member number in order to confirm his identity. Gunst complied since knowing the number in and of itself poses no danger, and the thieves then asked for a verification pin that was supposedly texted to his phone by the bank.
4) “Ok. I am going to read some other transactions, tell me if these are yours. ~ Reads transactions ~”
Me: Yes. These are all legitimate transactions I made
— Pieter Gunst (@DigitalLawyer) October 7, 2019
Having actually received the pin, Gunst assumed the call was legitimate and read off the pin as requested. Soon after, the scammers asked him to confirm recent transactions on the account, which were all legitimate.
6) Ok! But than we can’t block your card
Me: that is bs.
~ hangs up, calls the fraud department of bank ~
— Pieter Gunst (@DigitalLawyer) October 7, 2019
However, they raised Gunst’s suspicions when they asked him to reveal his pin so that they could block future fraudulent transactions. He refused, hung up on the scammers, and immediately called his bank to report the scam. He also filed a police report and reset all of his passwords.
So, how did the scammers manage to get so much of Gunst’s information? After much reflection, he revealed that he believes that they used his member number to reset his online banking password.
–> Needed the pin to send money, failed at that step.
–> Everything before the “what is your pin” seemed totally legitimate. English was perfect. The bank verification code, sent by the expected number, tricked me.
–> The asking for my pin over the phone… not so much.— Pieter Gunst (@DigitalLawyer) October 7, 2019
Once they were in, they were then able to view all of his transactions, making them seem more legitimate. However, they needed Gunst’s pin to wire money out of the account, and since he didn’t give it to them, they didn’t succeed.
I have best defense ever, i leave my accounts empty and spend all my money on pointless shit..
— The Notorious BNB (@TheNotoriousBNB) October 9, 2019
Gunst’s followers were understandably shaken up at the advanced methods scammers are now using to steal our money, but many had humorous suggestions on how to deal with the problem, like keeping your account empty or just not answering your phone.
As a millennial, I don’t answer any phone call that isn’t in my contacts. Someone could be communicating to me in writing that they will be calling on or around a certain time and date … still don’t answer the call half the time.
Probably saves me from a lot of scams.
— Graveyard Dog 💀💀💀 (@NitsuaSetab) October 8, 2019
While it’s unnerving to know that criminals are getting more intelligent when it comes to phishing scams, we just need to be vigilant—and refuse to give out identifying information to people who claim to be bank representatives who call us unprompted.
