American banking giant Citigroup has warned its clients about a new scam that tricks credit and debit cardholders into surrendering their cards to people posing as bank representatives offering purported upgrades and freebies.
This is a modus operandi to access the cash advance feature of the card, make unauthorized withdrawals or cash advance transactions with the account or even create an online account using the victim’s credentials, Citi said in a recent warning issued to Philippine cardholders.
“Scammers will call you and tell you that you are qualified for a free credit card upgrade with no annual fee for life or a credit limit increase and free gift certificates,” Citi said. “They will then set up a time and date to pick up your card.”
The scammer will then collect the card and cut it up in the cardholder’s presence to show that it had been torn to pieces before being sealed in an envelope.
Then the scammer will ask for the one-time PIN (OTP), claiming that this was required to upgrade the card. The victim will be asked to disregard any other SMS on transactions being made on the account, claiming this was part of the “upgrade” process.
Once the OTP has been divulged, the scammer can change the credit card’s cash advance PIN and make withdrawals or transactions with the account.
Citi reminded cardholders that it would never ask clients to surrender their Citi credit and debit cards or OTPs.
“Do not entertain anyone visiting you in your home or workplace claiming they are Citi employees and offering you to upgrade your card, increase your credit limit, etc.,” the bank said.
Apart from PINS or OTPs, Citi asked clients never to divulge their credit card information such as expiry date or CVV for any service calls, promos, upgrades or replacements. If someone has called to ask for any of these, clients were urged to report it immediately to the bank.
Since the government imposed lockdown measures to curb the coronavirus pandemic in mid-March, scammers have become more creative and sophisticated. Apart from those lurking in the digital space, some scammers also attempt to hijack physical devices or cards.
A few months back, there was a report about a SIM swap scam, whereby strangers claiming to represent telecommunication companies would ask to take a telecom user’s SIM card in exchange for a purported 5G upgrade. These are likewise scammers plotting to steal bank credentials and hard-earned money.
Banks repeatedly reminded clients that cybersecurity is a shared responsibility. As part of cyber hygiene, clients must protect their cards, online accounts, SIMs and devices used to access bank accounts.