Farming Credit Cards with Robo Dialing

Posted by on May 5, 2015 in Wire Fraud

What better way to steal a credit card than to simply ask nicely for it.

I recently received an automated call on my cell phone from an unknown number which basically started like this

“Hello, we are calling from the Boeing Credit Union. Your credit card has been blocked. Please press 1 to unblock it.”

I was right next to my PC so recorded the conversation from that point onwards.


A log of the call:

00:03 “To reactive your card, please press 1”
00:10 “Please enter your card number”, I then entered 16 random digits
00:43 The card I entered failed, so obviously they were doing validation checks (nice!)
00:45  Robot asks me to please re-enter carefully, but I just entered a bunch of 1’s
01:13 Failed validation again, and was asked again please enter carefully. This time I quickly to this link  and got a Visa test card (4111111111111111) which I knew would pass basic validation checks
01:48 Passed validation, robot asks me to enter the four digit expiration number
02:04 Robot asks me for my pin number!
02:11 That’s me laughing out loud
02:25 “Please wait while your card is verified”
02:33 “Card has been reactivated, thank you for your time. Goodbye!”

Since this is cheap to run, cheap to deploy and brings with it low to zero risk in getting caught (at least in the farming phase) I think this is one slick scam. Attacker could look up the biggest companies by area code before making the call and replace “Boeing Credit Union” with a more appropriate company name before making the call. Could also translate into a number of other languages to broaden his/her scope. Net effect would be such that on average the attacker’s scam would be successful, which it obviously is at this point in time.

« »