New type of scam - stealing your merchant funds(?)

Create a Post
David Waldmann

David Waldmann

The Guru
Forum Donor
Industry Vendor
Featured Vendor Forum Sponsor
Joined
Feb 6, 2002
Posts
8,841
Loc
Chester, Vermont USA
Business
Vermont Hardwoods
Received the following email this morning:

Dear customer,

We regret to inform you that your merchant account has been locked.
To re-activate it please call (954) 707 6499 and update your information.

*** Please Note : To restore your account access you need your Merchant ID number and Terminal ID number. ***

It's from a company we've never dealt with so it must be a scam. I can only guess that they are trying to redirect your collected funds to their bank account?
 
The phishing scams are alive and well! :)

Interesting that the two mentioned today are both highly targeted.

Peter's Apple phishing scam was aimed at 5% of the desktop market, and the one you mentioned was aimed only at credit card merchants/retailers. (also a very small percentage of the big pie)

To me, that hints that both of them are using breached databases of known customers that fit the exact intended criteria.

Mike
 
Mike do you think that they may be trying to target the average person or artist who is using a square? Seems like they might be more apt to click a link and be duped...
 
Bob Doyle said:
Mike do you think that they may be trying to target the average person or artist who is using a square? Seems like they might be more apt to click a link and be duped...
Click to expand...

There was no link in my message - only a phone number. That was what was so interesting to me, because it's so different than anything else I've seen.
 
It wanted a terminal ID # so prob not square/paypal/quicken/or about 20 others just like them.
 
Mike Labbe said:
It wanted a terminal ID # so prob not square/paypal/quicken/or about 20 others just like them.
Click to expand...

I also received the letter. My banker advised that I call the number! I did, and when a computerized voice asked for my merchant account number, I hung up. Yet another bad mark for my bank, but that is another story for another time.

The email was marked with a return from First Data. I called First Data directly as they process B of A merchant services. I was told that they knew nothing about this. And, my terminal was working properly anyway. Definitely a scam.

BTW, the actual return email did not match the First Data information, a definite clue.
 
I'm surprised that a financial institution would even consider recommending that you call a phone number.

Our processor, like many, also uses the First Data Nashville platform for payment gateway connectivity and received this note from 1st Data about 2 weeks ago...

Regarding: Phishing Scam
First Data has learned of a widespread phishing attack telling recipients that their merchant ID has been locked.

Unsolicited email containing errors should always raise a red flag, especially if combined with a call to action, such as calling a toll-free number or clicking on a link. If you receive an email similar to the one below, immediately delete it from your inbox and deleted items folder. Do not open any attachments. No further action is required on your part.
If you are a merchant who called the toll-free number below and gave your merchant ID, please call the contact center number on your statement so that First Data can help you monitor for fraudulent activity on your account.
If you receive emails in the future that you suspect are phishing, please forward to phishing@firstdata.com.
 
A variation of David’s scam:

I received a phone call on Saturday, March 22, claiming that my TSYS CC processing account had been "locked". The message was recorded and it commanded me to press "1" to reactivate it. However, the caller I. D. indicated that it was a “private” or “restricted” number (I don’t remember which).

Remembering David’s experience, I chose not to respond.

I e-mailed my account representative from TSYS, and he checked and verified that the account had NOT been locked. He also said that while he was aware of the e-mail phishing scheme, he had not heard that the scammers were also trying the automated telephone call route.

Because I’m paranoid, I ran my credit card through the terminal for $1.00 and voided the Tx just to be sure.
 
Scams with phone numbers may have nothing to do with merchant services or anything else. It may simply be that the phone number is on a mega-premium rate and every one that calls it clocks up $20 or somesuch for the owner of the line. Well you don't need many calls to make it a nice little earner.

When I had a fax machine I regularly got faxes supposedly from directories asking to confirm my details. They would deliberately alter the town for some other place that was very unlikely be confused with my actual location. Obviously they just got a map and picked a nearby town - without the benefit of local knowledge, which gave the game away. Then there was a phone number to fax back if any details needed amending. The thing was, to keep it sort-of legal there was some very small print at the end stating the call charges. It would have cost me about £5 to fax them back. I wonder how many folks fell for it.
 
There are lots of things like this around - but the sad thing is that if people aren't aware of them, they may well panic and send their details in the hope that the problem can be fixed. Never send anything, and check your accounts as soon as they say that there could be a problem.
 
Create a Post
Back
Top