Protect Yourself from Debit Card Account Takeover Schemes

Our card services partner has reported a recent increase in account takeover fraud attempts.

Account takeover fraud occurs when a scammer has obtained sufficient credentials to pose as the cardholder to financial institutions. These scams use sophisticated methods combined with social engineering to deceive cardholders into revealing critical information and disregarding legitimate fraud warnings.

One scam reported instances of cardholders receiving phone calls claiming to be from the fraud prevention department. The cardholder is sent a one-time passcode (OTP), is asked for their account number, and told to provide the code. The caller then instructs the cardholder to reply “No Fraud” to text messages sent by the real fraud prevention department in response to fraudulent transactions.

Once the cardholder’s information is obtained, they can then execute changes to account or card-level settings that assist in the commission of fraud, including demographic changes (phone numbers, emails, passcodes etc.), increased limits, PIN changes, and travel exemptions that suppress normal fraud monitoring.

To prevent account takeovers:

  • Never provide full Social Security numbers, PINs, account numbers, or one-time passcodes
  • Never respond NOT FRAUD to fraud alerts on activity you did not perform, regardless of who instructs you to do so.

If someone claiming to be a bank representative contacts you by phone, email, or text message and wants you to share your confidential information, you should consider this to be fraud. If it is a phone call, hang up immediately. Be aware that area codes and caller ID can be misleading, local area code does not always guarantee that the caller is local.  Do not respond to email or text messages.