For some reason, I thought Dick’s Sporting Goods was really giving away a Yeti cooler. What was I thinking?
Here’s the summary of the scam fyi:
=====
So after I realized I’d been scammed, I requested my money back for paying the $7 shipping fee. That came back no problem.
My question - should I cancel my credit card? There’s no easy way to do that given that there has been no fraud as of yet. And I would have imagined that the credit card security systems are going to be very good about keeping scammers from making fraudulent charges.
The reason I’m asking you guys is because I read a recent article on this scam, and they strongly recommended that you cancel your card if this happens. But I don’t see why …
I personally would change the credit card because if they are a scammer they should have no problem selling your information to make a profit. Will they? Anyone’s guess, they might not have the infrastructure to capture everything to package it and sell it. But if they have the ability to build scams like that it is at least possible they have captured your information and will sell it when they figure out you aren’t going to fall for their scam.
I could also make the case that if you monitor your credit card you could wait to see if there is fraud in the future, but every time I think I am going to monitor the card diligently I get busy and do something more exciting.
I purchased a SUP board online from a scammer. I called the bank when I realized it was a scam. I had to make a claim, and prove I attempted to address the situation with the seller, and it was eventually reversed by the bank. I never changed my card, nor had future issues.
I appreciated the advice of @chris and @ClaudnDaye so much that I went to close out the card.
Of course I got upsold.
So I said well ok but the card is compromised.
The agent didn’t seem too concerned and pointed out that I had no liability.
While she may have been focused on the upsell, I think if this was an issue at all the bank would know about it and encourage a change.
Anyway, just a bit more info on this fwiw.
3 months from now I’ll probably be posting about a $5,000 fraudulent charge that I can’t reverse …
Looking forward to the update that everything is just fine in 3 months. Strange that your bank isn’t more worried. My bank has the exact opposite approach. Anytime there is even a whiff of fraud they change out my card.
My card provider also cancels the card (and issues a new one with a different number) as soon as the first fraudulent charge is reported. And if their system detects two suspicious charges, they restrict the card to only work with vendors that I have previously used, until I confirm whether the suspicious charges were actually mine or not.
Well this is Citibank, so I’d have to believe they are pretty sophisticated in these things. @chris, as you say, we can come back to it in 3 months and see what happens…
@bostrav59 If it was in any way connected to a scam, best to protect yourself and get the card reissued with a new number. I hate doing this due to the need to reset the card at multiple valid merchants, but best not to be subject to scammers whims. I’ve noticed a drastic increase in the number of scammers imitating valid businesses with very real looking emails and even texts of late; had 56 show up in my “junk” folder in just a couple of days this week! All of them of the “You’ve Won!” style and very realistic…right up to the point you check the return address and even that is looking more and more like a potential valid business address! I’ve even gotten several advertising “free” or “low cost” insulin. I count myself lucky my wife previously worked with the FTC Bureau of Consumer Protection which started educating the public on scammer’s methods about 2 decades ago!
Speaking of fraud, I got a message from American Express regarding a $4 charge at Le Creuset (?!) that I never made. So they are issuing me a new card.
According to my wife, what fraudsters do is start with a small charge on your card and then keep increasing it if they don’t get caught. I don’t know if you can buy anything at Le Creuset for $4.00 anyway!
That sounds about right and par for the course. I am now intrigued about what $4.00 could buy. That is a crazy low amount. Le Creuset, at least they have taste in their forever cookware.
edit - I did find a gift card, but minimum purchase if $5
I agree that cancelling the card was the right thing to do. Also, I’ve been a Citibank customer for years, solely due to inertia and convenience. Frankly, IMHO, their CS is the worst. I am seriously considering a change to BofA for both personal and business accounts, just because they are associated with Merrill Lynch, with whom I have had nothing but good experience.
NB: I am NOT affiliated with ML in any way, other than as a client.
after all this, I went back to citi and got a new card, as you all recommended. So it didn’t even take 3 months. @Strat1117 it was very easy to get a new card from Citi - i didn’t have to talk to anyone to do it. Just reported the card stolen.
As for customer service, in my experience Amex is the best. Especially if you find yourself a victim of a robbery in Europe. My bags were stolen in amsterdam and I was so lucky to have an Amex card - because they have a large office in most major cities and can replace your card quickly. No one else can do that.
I don’t like necroposting, but this topic requires some follow up.
Firstly before I put in any advice… let me clarify that my day Job is in IT Security, and a major component for me is educating coworkers about Phishing and Scams. Furthermore in my personal life, I volunteer in helping students, and kids in being safe online (and where appropriate, also the educators and parents that are less tech savvy).
First important thing to remember about potential scams is, they usually sounds too good, but there are other clues to look for
If you look at the email sender - its no-replay@… (Note the misspelling, rather than no-reply). this is your basic opportunistic scammer hoping to catch you off guard.
Again, the email address after the @ seems random/garbage in this case, that’s indication it is likely a scam. If it looks like something.dickssportinggoods.com at the end, its likely legit, but if its a variant… say dicks-sportinggoods.co then its more likely a Phishing scam, were the scammers are trying to get your actual login info. Keep in mind these types of scammers also have more knowledge of their targeted audience, and may use domains that seem to align with the vender (Say dsg-campaign.com or references to their Loyalty programs scorecard and scorerewards.
The Next thing that’s a bit of a give away is the links within the email. For most, if you hover over a link, you can see where it sends you (either right where your mouse is, or in the status at the bottom of your window). Again, if you look here, similar to what I noted in #2 above, you will see clues. Also, if any links seem to have mailto:... consider it a scam right away.
Spelling and grammatical mistakes, are obviously a huge red flag.
Now if the email is addressed directly to you, and has elements of #2 / #3. This is more likely spearphishing. The scammers know some information about you already, and want more. The sites their links go to , seem very realistic, and more professional, but be weary, they’ll ask for logins, and your login info tends to not work (you’ll get an error of some sort). In reality they just stole your credentials. if this happens, change your passwords right away.
Next big thing that will happen, if you managed to get scammed… and gave up card/banking info… keep in mind some of these 1st level scammers are harvesting information. They may ask for a nominal shipping fee… but here’s whats really happening behind the scene:
They have Credit card details, and feel you could be an easy target.
They likely have the name, and billing address too (This is why many credit card verifications now only ask for Zip/Postal Codes and Name only. Sites should not need to store this information.
They may have enough information to attempt additional identity theft!
A nominal (usually authorized by you) charge is applied, and a promise to ship something in 3-6 weeks… (which you might for get). That confirms an active card.
They now resell this info… to other scammers… that try to take advantage of you.
So now lets talk about Credit Cards, and the banks… – Hint, they are not your friends:
They have one prime directive – Make Money for themselves.
They do this through fees, and even more through interest charges!
They will abide by local laws, to reverse charges but will sometimes make you jump through hoops.
Agents make commission on the upsell, remember that. and usually their performance is based on it too! If you got upsold and feel uneasy. Contact the bank, complain, and ask them to cancel the new card, and take you back to your old tier.
Its trivial to “renumber” your account. and issue a new card to you. But if you can, have the new card sent to your closest Branch if possible, as postal mail is being targeted more often these days. Keep in mind, some existing pre-authorized payments get moved over automatically.
If you have the time, research an alternate card… and switch, cancelling the old one out right.
It would be wise to mention you feel your card was compromised, ask about free credit monitoring. This adds an additional level of protection in case scammers target you again.
Finally, if you do get scammed, its large, and the banks/Credit card company refused to help assist, even though you were quick to report it, and (hopefully) have evidence of a previous suspicious report… do consider taking to social media, and contacting local media. Also check with local laws… that may compel them to act. Banks/CC companies hate nothing more than bad press, so they tend to react quickly when they’re hashtagged.
If you do get scammed and are a victim of identity theft, file a police report. In the US, along with the Police report you can compel the 3 Credit bureaus and the IRS to lock your account with pins and 2FAs for FREE FOREVER. Given how lax the Credit bureaus currently are with our data this is not a bad thing.
In Canada there’s 2 credit bureaus, Equifax & TransUnion. The file a police report in your jurisdiction is also important (I forgot, but usually when you file one with a bank, they always tell you to do so).
For those that don’t know… 2FA is Two Factor Authentication. sometimes also called MFA or Multi Factor Authentication.
There are 3 classes of factors:
Something you know (your User ID, Email, etc, and Password, PIN generally), and security questionnaires.
Something you have - Usually some form of Authenticator that changes number, or phone (for SMS, phone call verification), or secondary email to receive verification codes on
Something you are - Biometrics, like Finger/Palm imprint, iris/retina scans, voice imprint, and in higher security areas, vein scan, or even DNA samples are sometimes used.
Keep in mind MFA is not perfect, and some are easier to defeat, but still better than nothing.
A common security question is “Mother’s Maiden Name” – and many banks ask for this. I suggest you give them something different (and remember what you gave)… because this is usually easy to find now by scammers.
I forgot to note: If anyone wants advice in this realm, feel free to DM me.
