You receive a call on your phone.
The caller says they're from your bank and they're calling about a suspected fraud.

"Oh yeah," you think. Obvious scam, right?

The caller says "I'll send you an in-app notification to prove I'm calling from your bank."

Your phone buzzes. You tap the notification. This is what you see.

Still think it is a scam?
1/3

The scammer is on the phone to you.
Their accomplice is on the phone to your bank, pretending to be you.
Your bank send you the notification.
You accept, and scammers proceed to drain your account.

Someone has just lost £18,000 because of this.
https://www.reddit.com/r/UKPersonalFinance/comments/1cih3kd/been_scammed_over_18000_through_my_chase_account/

2/3

It *is* a genuine notification. But it isn't confirming the bank is calling you.

Should the bank word that differently?

In a rush, would you read it thoroughly?

Most likely, in a panic about the fraud, you'd confirm it was a genuine notification (it is!) and accept it.

3/3

@Edent so Scam-2 is on the phone with the bank and gets the bank to send the notification before Scam-1 or 2 have any of your card details. how the hell did S2 convince the bank to do that? sure, the notification came in legit, but what convinced the bank S2 was you at that stage to send the notification? did the bank just test a phone number? it sounds... improbable.

after that it's all sorts of dumb. 12 digits... nah. CVV and 12 digits... you kidding?

i still can't get to why the notification was sent. okay, a phone number not hard, people have those everywhere. but a bank would never simply use that as authentication. first pet name, anyone?

honestly the whole thing sounds like BS, or the guy in question was d-u-m-b dumb. perhaps both. why did the bank send the original notification? was this guy's whole life available online? xfer money instead of lock the account? sounds like he was scammed and has made up a "they were so good" story to save face.

@Edent oh, and the multiple transfers would have flagged both AML and Fraud systems and locked the account down automatically. this can happen with one really odd transaction, let alone a stream of them. even SWIFT would flag up "ya think???".