I am embarrassed to say that I recently fell for a social engineering telephone scam in which the callers pretended to be from my bank's fraud department. Luckily, I did not lose any money, but I want to share what I learned with you so none of you fall for the same tricks I did.
Firstly, don't trust calls from your bank. This might seem obvious to some, but the reason I fell for this scam is because my bank has legitimately called numerous times in the past to catch suspicious activity on my account. I was already primed to see such calls as legitimate, especially since the caller ID showed the name and number of my bank. If you get a call from your bank about your credit card, end the call and call the phone number listed at the back of your credit card instead to follow up.
Additionally, be very careful with text message verification codes, especially while on the phone with a purported business. I was not hip to the ruse used in my scam call. They tell you that they will send you a text message with a security code and that you need to read the code back to them over the phone. Again, this is something my bank legitimately does, so I was not suspicious.
My phone elevates such verification code to the status bar in such a way that you do not even need to read the message, and so many places use text message verification these days that I don't usually bother to look at the rest of the message. Thus, I did not see that the verification code message was not for the caller's stated purpose, and the message itself warned that my bank would not ask for this code over the phone.
Scammers understand that most people won't bother to read a seemingly pro forma text message, so while still on the phone with you they will try to make a purchase, reset your account information, or link your account information to their digital wallet; and then they have you give them the confirmation code under the guise of using it to verify your identity. If you need to provide a text verification number to a third party, read the verification text message carefully first to ensure the purpose of the verification is legitimate and you are not actually authorizing access to your financials.
Also, as a reminder, never give out your PIN, full Social Security or other identification number, user name, or password, not even for "verification" purposes.
Coincidentally, my mom just got scammed out of 1000 euros. The scammers texted her, pretending to be me, and basically begged for money saying that there’s an emergency. Disgusting. So, I guess these phone scammers are proliferating everywhere. Beware, and warn your moms as well!