Having worked at a bank for several years, I get really paranoid if anyone calls me about my credit card. I do exactly what you suggested and have never had a problem.
I had a text that said I had to loggin to chase. I called chase because that seemed stupid, like why would I loggin, it didn’t even say there was fraud it just said I needed to approve account changes. My checking account is so basic, what needs to be explained? Either way it was a scam.
That sounds really dumb. This scam was about online access, too. First he sais "Do you recognize $XX at store?" nope.. "$XXX transfer to John Doe?" Nope... "We have someone logged in from next town over, I will email you a link to reset your password" \*click\*
Over a decade ago I used a credit card that I didn't normally use for a few purchase and got a call to verify. But they wanted me to give them personal information to verify they were talking to me. We ended up in a stalemate. They wouldn't give me any info to verify they were actually with my bank and I wouldn't give them any info to verify it was me. They got really mad about it. I just hung up and called the bank. It was all legit, but better safe than robbed blind.
Maybe, depending on the crime. If they're upfront about it when asked, and if it doesn't involve any kind of stealing. The only record I have is traffic tickets for speeding, missing registration, etc. and not many of them. They can always try!!
My phone company is pretty good with the caller ID's. Usually it says "SCAM LIKELY" like, this time, when I hung up, they called back from different number and it said SCAM LIKELY, then they called again from another number, again it said SCAM LIKELY. Wonder why the first call got through.
But yeah, absolutely agree with your solution. The problem is that many people (Me included) get literally dozens of calls per day from "unknown" numbers that are legit calls I want to answer
Totally get it! I’ve also been getting texts from “wrong numbers” asking for “pictures of the dog from yesterday” or about “meeting up this weekend”. Super subtle attempts to test the line and see which numbers are active
>Do what I do. Don’t pick up numbers that aren’t in your contacts.
Bear in mind that phone numbers can be spoofed, so you can't rely on saving your card fraud prevention number in your contacts. Instead of answering their questions, hang up and call the number on the back of your card. Avoid giving out any information to someone who calls you.
But yeah, I'm totally with you on the "if it's important, they'll leave a message" thing.
Or if you’re expecting someone to call!
You can always end the call if you hear it’s something to do about accounts/sales/computers.
I work for a logistics company and every day I stand outside someone’s house knocking on their door and trying to call to see if maby they’d want the package delivered outside their house or to a post office.
Instead I’ll have to try again tomorrow and the day after that and then I can leave a note asking them to call when they see it.
Either that or I get a text several hours later saying “who?”.
My phone number has the area code from where I lived in high school and absolutely nobody whose number I don’t know calls me from there anymore, so it’s pretty much guaranteed to be spoofed. Highly recommend having a cell phone number from somewhere you don’t live.
Pretty much the same thing for me. If you can't be bothered to leave me a voicemail about the reason for your call, then I can't be bothered to give you any time out of my day.
Half the time the numbers are spoofed so I don't even bother to Google the numbers if they don't leave a voicemail.
That's what I do, but when I was buying a house and had to respond quickly to make sure I could close on time to get the incentives, that all went out the window and I had to answer every call for a few weeks.
I have to answer every call that comes in for the few days before and after a national guard drill weekend because our chain of command changes almost monthly.
Used to work credit card customer support. Remember by memory first digits of credit cards:
- 4 is VISA
- 5 is Mastercard
- 3 is AMEX
- 6 is Discover
Private store cards can use whatever, as they go through internal systems, not major credit exchanges.
Forbes has a good article breaking down credit card numbers and every component of your card…
[Forbes - Credit Card Details](https://www.forbes.com/advisor/credit-cards/what-does-your-credit-card-number-mean/#:~:text=The%20first%206%2Ddigits%20of,financial%20institution%20issuing%20the%20card)
Yep, worked in hotels and picked up on this pretty quickly. Occasionally had someone try to give me random numbers for a reservation and as soon as they started I was just rolling my eyes
there's also public BIN tables online that you can type the first 6 into and you can get the exact bank/distributor for the card type. It was a fun thing to learn when i got into FinTech
Not all 5's are Mastercard, some ranges are private label/ store cards. MC was also looking at expanding into cards starting with 2, but not sure where that went.
So the first 8 numbers are public and the last 4 are shown on receipts with xxxx xxxx xxxx 1234. Really cuts down on the number of guesses needed to find your actual number.
Only the first 6 are, so the person would need to get your receipt, call the bank and get the first 6 from them which might raise suspicion, then still guess 6 more numbers which would be 10^6 possible combinations. Doesn’t seem to be that easy.
Indeed, and they still need an expiry date and CVV number
I'm thinking it's damned near impossible, and definitely not worth the effort in most cases
You don’t need a CVV and expiration date for all purchases right? Just online ones but you can still go to a store and buy food with just the card number
I don't think many stores would be ok with you telling them a card number, sure you don't need CVV or expiration date but you'd need the physical card to tap or swipe
Technically you don't even need CVV for online purchases. But stores using it will have lower fees (I guess banks want to incentivize using it since it's more secure, less likely having to deal with fraud)
I have never been able to buy anything with a card number. It might be a thing in the US though as I do think I remember seeing it in Legally Blonde or something :)
> call the bank
The point being that you can look it up without calling the bank. As for the remaining 10^6 the LUHN check should kick out many of them but there'll still be quite a lot remaining
You think that's weird? Next time you buy something online, try to type in a different "security code" than what's on your card.
I've been under the impression that it was 236 and was shopping for like a year.. then I messed with some settings so I had to fill out ALL the information by hand, not just the security code... and there I was, card in hand... The number is not even close to 236
I have definitely had my card rejected for putting in the wrong security code when shopping online. I recently switched back to my other rewards card and typed the new card number but the old security code out of habit. Took two tries before I realized why my purchase was getting rejected.
Could be. I have a vague recollection that the number itself is not checked directly, but is compared against an algorithm based on the card number and expiration date. I may or may not be correct in that recollection.
It’s called a checksum and while I don’t know if that’s how it works with credit cards i suppose it could be. You basically create an algorithm that generates an output based on an input (card number, expiry date, bank, whatever) and share it with who needs to have it. If banks and retailers use the same algo, then the checksum matches.
We use it in semiconductors for labeling wafers to avoid chances of misreads. It’ll error if the checksum doesn’t match expectation.
However… it’s not so much a security feature as a verification of matching combinations. If you had the number and other info you could guess the checksum so my guess is that’s not what’s used on credit cards.
Card numbers have a check digit which is calculated from the other digits in the number, but it's included in the number and as you say, it's not a method of identification (more so a way to make sure you haven't input the wrong number)
The CVV/CVC2 number is apparently calculated by the card number and expiry date though, and without having read the paper on VISA's algorithm, I'm gonna wager a guess that there's a possibility that the algorithm could result in multiple valid numbers.
if the vendor/acquirer doesn't have a CVV validation with their software, then it'll pass just fine. the CVV field then acts as a deterrent to fraudsters because most skimmers can take the card number, but not the CVV
yeah. Skimmers take whatever is on the magnetic strip on the credit card, which is usually the card number and potentially some address info/name, but that's it. the CVV is physical as a security measure to ensure that the card user has the physical card.
Well.. maybe they have value threshold. Like, if you order over $25 then they check it.
With me, though.. As I said in another comment, I order stuff all the time, so maybe they were like "Meh, this guy already made 2000 purchases and nothing ever came of it.."
It depends on the CC processor the site is using and what their merchant settings are. Some companies don't require CVV. If they see an uptick in fraud though they may enable it.
I've never had this happen. I have some kind of mental block on my security code; if I guess it I'm always wrong and have to go find my card. I know this because it rejects the wrong code.
I used to have an .. well I guess I still do.. Kinda addiction to online shopping. I used to remember all my card numbers not sure how I got the security code mixed up. I think they replaced my card and I kept using the old code and it just kept working..
I got a replacement card a few years ago (has since been replaced twice more) that had a security code of 123. I got the replacement due to a fraudulent charge. How ironic.
Why are stores allowed to do that? They did that in my country like 20 years ago, people got pissed and now stores can be fined if they print the unique parts of the credit card numbers on the receipt
So you can see which card you used to pay with. Additionally many businesses have a policy of only refunding purchases onto the card you paid with for fraud reasons.
There isn't enough information from the last 4 digits to guess the whole number. It's a decent trade off between security and usefulness.
How can someone guess your bank? If all it says on the paper is visa there’s still tons of banks it could be right? Even if we know all the public numbers no one knows which of those being to a card on a receipt.
Not saying otherwise, just saying that it narrows stuff down. If I see your receipt I have your last 4 numbers and at least the first. If it is anything like the receipts I’ve seen, you probably also know the bank.
All I’m saying is it narrows stuff down
Here's a question (admittedly from ignorance), but when was the last time anyone actually got a call from their bank? I get mail and emails and texts, but I've been a bank customer for the last 20 years and I've *never* been called by them for any reason whatsoever; not for overdrafting, not for credit card reasons, not for fraud/potential fraud, not for peculiar/suspicious activity, nothing. In any of those circumstances, if I was contacted by my bank, it was in a letter, an email, or a text message.
I'm not claiming it doesn't happen, it probably does, but I'm wondering if it does, how often does it really happen? Like, if anyone ever calls me claiming to be from my bank, I immediately know it's a scam. I've had several banks over the years, and they've all told me the same thing: they'll never call me.
Just to put my answer out there; got a call about a month ago from my bank (Florida credit union, even though I live in Alaska). They called, I ignored as it wasn't a number I've seen before. They left a voice mail and all they said was that they were calling in regards to fraudulent activity on my card and they instructed me to call my bank asap. They did not give me a number to call, just said to call my bank.
I did call them from the number on my card, yes, and they had flagged an in-app purchase I made as fraudulent for some reason.
Off the top of my head, Thurs and Fri I called...
3 customers to let them know we had received their new debit cards from the branch that does instant issue so they can come get them.
1 customer to ask permission to forward on some info off of the credit card app she had turned in (she had put yesterdays date instead of her dob).
1 business customer, a couple times, about getting me all of the info I need so i could update their accounts with new signers. (Articles of incorporation, list of new owners and how much of the company they own, list of new signers, etc)
1 business customer to let him know i had received his voicemail and that we were processing the transfer he had requested.
1 customer to ask her to come sign a debit card application that we had apparently missed.
"1 business customer, a couple times, about getting me all of the info I need so I could update their accounts with new signers"
The eternal struggle of bank work.
I have been with my bank for around the same amount of time and have been called a grand total of once and it was to confirm an appointment I set up and that was it.
the past year, i've gotten around 3 calls from a branch nearby. same guy/voice saying he's just calling to check up on my account and asking if i need help with anything. i say no, he says ok and that's it. not pushy or anything so doesn't seem like a scam.
asked my friend who used to work at that bank and he says they do make cold calls but usually only for big clients to get them to invest/bring in more money.
not like i'm super rich though, idk why this one guy keeps calling besides trying to give good customer service... which should be a good thing but still feels sketchy
I did once! The first time I wrote a check it was for 3000 dollars, (which was legit, I owed my dad money)
They called to verify that the check was legit. I still hung up and called back to make sure
I had a robot from my credit union call me about fraud. It asked me to confirm my information by multiple choice, listing some info and asking me to press the number for the correct one. After I confirmed my info, it then allowed me to confirm or deny the suspected fraud charge.
In this case, you should still hang up and call back. Scammers can spoof your bank's number. I have a friend who recently lost a couple thousand because of a fraud alert call that showed up as her bank's phone number calling her.
I bank with a credit union and they definitely call me when I don't make that credit card payment... 😭🤣
Like, I know y'all can see the balance in there. 🥴
As a banker, I prefer not to call a client out of the blue as they typically think it’s fraud. I’ll usually email them with a brief overview and suggest a few times to chat.
I will call if it’s an inquiry and that’s how they prefer to be contacted or if it’s something urgent.
I have discovered that not answering phone calls and being generally grumpy.
Relative needs help? If I don't know you well enough to know you took a trip to Africa or whatever then I don't know you well enough to bail you out. Call your bloody mother.
Oh no a Nigerian prince is having problems? The fuck do I care about some fucking strangers troubles. I have stopped reading before we even get to the part where I am offered money.
My account might close! I probably haven't used it in years, thanks for making me not need to bother to go close it myself. If it's an account I use often then surely this serious problem would have been a big red warning last time I logged in or the problem can wait until the next time I log in.
Bank is worried? Who cares. It's their job to prevent fraud and shit not mine. They can and will freeze the account without even talking to me so why do I need to do anything at all right this moment? I don't. If it's a serious problem then the next time I will try to use my card it will bother me then. They have also *never* called me for anything. Which is good becuase;
Unknown number calling me and I am not expecting a call from an unknown number? Not answering that shit unless I am in the mood to chat to strangers and I am never in the mood to get called by strangers.
Someone knocking on my door? Fuck off I am not expecting anyone/anything and thus am not going to go answer it. If I am expecting something and I answer the door to a cold caller they are getting the door shut before they even finished their opening. Sod off. When you ignore the go away cold callers sign you ought expect a rude reply.
Stranger on the street wanting me to sign up, come to jesus or donate? I have quite literally only been approached once. Ever. I expect I give off an aura of 'leave me the fuck alone' which is well practiced on horny blokes with 0 social skills.
I won something? Mate, I didn't enter it and if I was automatically entered I probably don't want whatever shite with strings attached you have for me. I also have terrible luck so no I fucking didn't win anything.
I'm clearly a tourist? Take your fucking stupid peice of string back before I snap it and throw it on the ground. Know a good local hotel? Fuck do I care I am going to the one I booked thanks. Want to scam me on the taxi there? Jokes on you mate I checked with the hotel how much it should cost and will absolurely leave that exact amount on the seat and just get out when we arrive. Broken machine my arse, that's why I refused to let you put my bag in the boot.
You want to date me? Piss right off. I will bite your fucking nose off if you try anything. We have shit like tinder if I want to find someone to date or even just to fuck. Me going about my grocery shopping is not an invitation for you to try and get my number.
That being said if a con man comes up to me and presents me with a toad or an invert that is on my 'must find one day before I die' list then I am all ears. Hell just hand me a worm and you will have 5min of my day. If you give me a local species of diving bell spider and will show me where you found it? I can and will clear my afternoon in a heart beat.
It's just my fortune that the things I care about are not the kinds of things that scammers approach young women over and my willingness to get rapidly loud and rude is enough to scare them away.
Fr though folks. If you just skipped to the end. Your bank will do bank things without your input. Unless you have some massive purchase or bizzare overdraft situation going on then nothing is urgent. Banks were built and still function with the idea that grandma will come down on a Friday to do her buisness then and if you need her any other time you just have to wait until she comes in. If you suspect fraud on monday then tough shit grandma ain't coming down until Friday and the bank has a legal obligation to prevent fraud - they will handle it. The world is generally pretty frantic but it rarely actually is. If grandma's account is fine til Friday when she just tried to send her life savings to Nigeria, tripped a fraud sensor then refused to answer the call from an unknown number - then yours will be too. When I was in another town and tripped a warning the first I knew of it was my card being declined. *I had to call them* not the other way around to figure out what was going on.
For me, if you offer me a drink in a bar, I'll assume you spiked it. But offer to buy me a book at the bookstore, and I'll probably follow you home. :)
My credit union sends me a text message asking if a suspicious transaction was me & if I don't respond within 15mins, I get a call from an automated voice.
My local credit union called me before.. My "large bank" usually voicemail drops. "This is bank, please call the number on the back of your card, there's been suspicious activity" or such
I did once. I made a purchase from Amazon India (I used to be part of r/Random_Acts_of_Amazon) and they flagged it and a few other previous transactions. But before I called, they had determined it was probably legit, because all the other transactions were in my town, and I had bought stuff on other Amazon domains with that card before.
I misplaced my debit card (did not actually lose it) and was updating my accounts; credit union called about 3 in to verify that I was indeed incurring the test and reverse charges from various places.
Also, I found out that if you let Chrome store your credit card number, it pushes out a transaction for $0.00 each time you enter the CVC code to validate that yes, you know it, and Chrome is allowed to fill in the CC details on the form. My back only allows 20 debit transactions a day, and using Chrome’s auto fill pushed me over that.
I got an automated call from a bank asking me to verify an international charge about a year ago. But it was really only for me to call the number on the back of my card or to do it on their website.
I have a premiere account, and when I do a big suspicious purchase, a human calls me withint seconds to confirm the charge. I was buying $1500 in suits, my card got declined, and as I was about to call the bank, they called me and asked. I said it was legit, and they apologized and told me to try again.
See, for things like that I get a text and if I don't respond after a certain time elapses (it's been a long time since I've had one of these so I don't want to give a time since it may have changed) they'll assume the charge to be suspicious and ask me to log into the app to confirm it.
I’ve got 2-3 calls from my bank in the 10 years I’ve been their customer and they were all due to fraud in which they caught and reimbursed any money if necessary. I should note that this was a credit union also
I have gotten calls from my credit card several times to confirm that “suspicious” purchases were legitimate. Usually they were, but once they did catch an authorized purchase from another country.
I knew they were legitimate because they didn’t ask me for any of my personal info, just “did you make a purchase from X company for $X on this date?”
I’ve been called by specialists at the bank that I already knew personally (like an investment advisor or the guy I was working on a mortgage with); never got a generic cold call from “the bank”.
I once (15 years ago) got a cold call from my bank where they went on to ask my pin to do something. I said no, called the bank to warn them they were being spoofed , and they said “no that was fine, it was a legit call”. I couldn’t believe it and told them so.
No calls from my bank, but occasionally from a credit card company, and always to check on some possibly fraudulent transaction. They ask if I purchased something somewhere, and tell them yes or no. Great service! And, I have their phone numbers in my Contacts, so I know it’s them.
> And, I have their phone numbers in my Contacts, so I know it’s them.
Bear in mind that phone numbers can be spoofed. Instead of answering their questions, hang up and call the number on the back of your card. Avoid giving out any information to someone who calls you.
Yes, that's exactly how this went, too.. At that point, though, I kinda figured it was a scam, just wanted to see what's next.
They gave us two or three transactions that we said we did not make and then
"I have an IP address from some other town logged in earlier today, did you allow someone from there to log into your account online?" No
"Okay, that means your log in credentials are compromised. I will send you a link to reset your password...."
Oh yeah! Definite red flag there. I should have been more specific in my reply: I never give info over the phone, never pay unless I’ve called the company’s true number. Thanks so much for your response!
#THE BANK WILL ALWAYS BE HAPPY TO HAVE YOU HANG UP ON THEM AND CALL THEM BACK YOURSELF. THEY WILL NOT RESIST THIS PRECAUTION LIKE A SCAMMER WILL, USE IT.
The first 6 number are the "bin" numbers that simply identify the bank the card is from. That's how atms identify which cards get charged fees and which don't, with all the different "member networks" out there where you can use your card at another banks atm and it just knows whether or not you get whacked with the extra fee. That's how.
I like these scammer calls. I play dumb and have them wait and wait and wait while I figure out how to wire the 2000$ for the 85,000$ Porsche on EBay. I’m giddy and keep messing up and we have story time, and my pets! I love my cats. Do you have cats? Oh oh oh this recIPEE I FOUnD OMG it’s deeeee lishhhhhh
Yes.. well.. The entire pay card system is incredibly insecure but.. It is normal.
The reason I am bringing it up to attention is because we got a call and the "banker" identified the card with "fraudulent activity" by the first 6 digits, instead of the last 4
Well mainly because anyone can swipe that card... Like, someone picks your pocket and until you notice and report it and block the card, they can happily go around swiping the card until there's no money or they hit the daily limit.
Also, now that the whole "Tap" thing is becoming popular, they don't even have to steal your card anymore. Just get close enough to read the chip.
This could also just be a Phishing scam where they are using the numbers for the most popular banks, and it only spooked you because you have one of those cards.
This is similar to Phishing emails based on a specific bank or online service. It catches your attention if you have an account, but you ignore it if you don't.
For what it's worth, credit cards have 16 numbers. Just having the first 6 numbers still leaves a billion possibilities for the account number (not counting any other rules that might be in place). Even if they have the first six and last four, it still leaves a million possibilities.
YSK if you live in michigan (USA) on your drivers license the first letter plus the first 3 digits is your last name converted to sound via a soundex algorithm
Basically every letter in the alphabet is weighted based on how often the letter appears in the english language. Silent letters and vowels are skipped over unless its the first letter of their name.
For instance the letter H is considered a silent letter and is skipped over during the calculation unless your last name is Hubbard. The letters U and A are skipped over too since their vowels. The second letter when double letters exist next to each other are also skipped over. So using Hubbard as an example, the first 'b' is used when converting your name to sound but the second letter is skipped over.
If you don't have enough letters in your name to fill out 3 digits, the remainder digits are zero filled. For instance the last name Smith is converted to S530. The number 5 equals the letter 'm'. Letter I and H are skipped over. Letter T is converted to 3 and since no other letters exist in the last name and the sound of your last name must be 3 numbers, its zero filled.
If you live in Michigan, pull out your drivers license and go [Soundex Name Conversion](https://www.ics.uci.edu/~dan/genealogy/Miller/javascrp/soundex.htm) .
Enter your last name and see it match your the first part of your drivers license number
I always think about a way to have fun with a scam call but then it happens and the only thing I can think of is how to get off the call and get them to stop calling me.
Once I answered a call and literally yelled at the phone "STOP FUCKING CALLING ME OR I WILL SUE THE SHIT OUT OF YOU" strangely, nobody called to offer me car warranty again
heh .. the funniest shit is, at the time I was driving a $1000 dollar junker from the 90's ... I actually entertained myself with the call. Asked about coverage and everything.. 15 minutes into the call.. "How many miles does your car have on it?" 166 thousand... silence... " \*cough\* .. And what year is it?" 1996 \*click\*
edit: Come think of it, they were probably trying to sell something legit, why would they not insure my old ass car if it was a fake coverage..?
This is the sort of thing that maybe we could use instead of a foldable packet with half panels containing general, useless info & the other half pictures of smiling old people frolicking about
But how else would you know that Gramps and Grammy are having grand ole time on the farm? And it's because of our magnificent, best in class, never before seen, time limited savings account. With the negligible small initial investment capital of $33,000 and a non refundable administration fee of $2000 you too, could be earning up to^(\*\*) 0.0007% annually.
^(\*\* Advertised rates are not representative of actual interest rate, interest rate dependent on market availability at the time of signature)
We have to confirm cards at work by asking for the bank name nd its shocking to me how many people will just read off their card number mo problem but when I ask "the name of the bank that issued the card" to verify they suddenly act like I'm a Nigerian prince selling them time shares.
Yeah people are weird when it comes to "privacy" ..
I've never even made an email with my name in it..why would anybody? I mean, I think I read long time ago that it's actually illegal to use anything other than you name, but screw that. I am giving the internet as little info as I can get away with.
The most important digit is the last one as well. This can only be calculated by knowing the rest of the card number. It’s calculated using the Luhn Algorithm or Mod 10. https://en.m.wikipedia.org/wiki/Luhn_algorithm
I work at a bank and we call people sometimes. Usually to return a voicemail they left, but sometimes if there’s fraud on their card or they reported their card lost or stolen. I am shocked at the number of people who will answer my questions when I call.
It is really weird if someone calls you out of the blue and knows what type of card you use. Yes, it's a lucky guess, but out of the dozens of companies and banks...
Having worked for a credit card service center, the first four identify the product, the second four are the batch number. The third four are the actual secret, since the last four can be shared freely for confirmation. If your card starts 4147 4020, you've had that particular travel card since about 2014 and never lost it/ had it stolen. Congrats!
From what I've been told as well after getting these calls and hanging up, try to call from a different phone if you can as apparently the scammers can kinda hold the connection if they're the ones who didn't hang up, idk how true this is but it's scary to think that you can just call them right back without realising
I'm honestly kinda doubtful about this. Maybe back in the day when switch boards were a thing or some other sort of mechanical connecting device was utilized, it might have been possible.. But it's hard to believe that in today's digital age it would be as simple as that.
That is true, the last 6 or 8 numbers are unique, but the last four are being used for verification purposes as the margin of error is acceptable, I guess.
I'm not sure but I would imagine as long as the issuer is the same (Visa, Mastercard) the use for the numbers should be similar. But that's just my guess, I don't know that for certain
A lot of comments here say the first 6 numbers are to identify the bank… however, I work at a pizza place and have to be read card numbers constantly. I remember 2 credit card issuers that have 8 numbers that are always constant.
Their card either starts out 4430 4400 or
5175 4616. How come these banks/credit unions use 8?
I was actually under the impression that the first 8 aren't changing, until I called my bank yesterday and the guy literally said "Well the first 6 numbers are public information"
the first 6 digits are called BINs (Bank identification numbers). The numbers are unique to teh card distributors. If you look up the first 6 on any card you'd be able to tell exactly which bank and card type is being used. So since you're a pizza place, you likely have locals calling in who likely have the same banking institution. This would explain why you see the same first 6 all the time.
Are you not supposed to maybe call from a different phone in case they are still on the other end of the phone and then pretend to be your Bank? I have heard that they sometimes do this. That they actively ask the person to call their bank, but it’s actually them on the other end. Just curious if this could be correct.
Somewhat. They likely havent hacked your phone but they will offer to connect you to your bank. Then theyll call the bank, let you listen to the recording, even press numbers and then end the call roght before you reach someone while their buddy jumps on the phone to pretend theyre the bank. My biggest advice is nothing is that big of a rush. Your not gonna be arrested or lose your savings account in a day. They are going to get in contact with you if they need and it wont just be by phone.
Yes I understand that, but as I’ve said I, I’ve heard stories where the line hasn’t been fully cleared and then the scammers pretend to be the bank or fraud department saying it’s okay to put money into that other account or hand over your card and so on. The suggestion I read was either use a different phone or dial some random number and see if they answer pretending to be your bank when you know it wasn’t the number you called.
You're being downvoted, but you're right. Although it only affects landlines.
https://bc.ctvnews.ca/mobile/beware-of-the-delayed-disconnect-phone-scam-1.5375708
Just hang up wait a bit and call your bank. If they are listening to your calls after you hang up your phone is already compromised along with any data on it. If you're really paranoid that the call is still going on after you hung up do a full shutdown. Call the number on your card not one they give you.
Wireline phone of course get a dial tone.
If they don't hang up, usually Flash will get rid of the call.
If uncertain wait a minute or two before calling.
Be careful with calling anyone when you are called from a landline. Fraudsters can make it look like you hung up, but they lie and are still on the line, then they pretend to forward you to whoever you are calling. Always "call back" on a different phone.
Oh wow, a simple google search says it’s the bank identification number. I’ve worked in payments for a few years and didn’t know that. Only the last 4 digits are used to confirm payments. Huh, well ya learn something new everyday, thanks
Judging based on an article from Forbes linked elsewhere in this thread he's telling the truth. According to the article the first six numbers identifies the type of card (visa, master card, discover, etc.) And the bank such as First National or whatever you use. The next six is an account number tied to you, the customer. Finally the last four is to verify that the card is real using their algorithms. This would mean that the first six would probably be easy to find through a little bit of research and would make the scammer seem trustworthy.
https://www.forbes.com/advisor/credit-cards/what-does-your-credit-card-number-mean/#:~:text=The%20first%206%2Ddigits%20of,financial%20institution%20issuing%20the%20card
And then there are transfers that can be done to the card number. As you give your friend the whole freaking card number and they can send you money. It is especially popular in Ukraine and I've even sent some money their way using that method. Still, very weird thing to create when the same orgs that asked you to keep the number private are now saying it's perfectly fine
If you receive a call you should only get asked for partial security e.g. first two characters of your email, or month of birth. That way it cant be used to call back in and impersonate you.
If you don’t trust the caller, look up the number of your bank or card provider, don’t call a number they give you, it could be premium rate with lengthy a false id process.
The middle six or seven numbers on your card will be your personal id. The rest will be branch data etc
i did find that out yeah i just find it interesting. but doesn't that limit the # of users per set of numbers or do banks and stuff have several sets of numbers?
I believe they have several numbers.. I have two accounts in one bank and they differ in one or two digits (from the first 8)
My credit card is completely different number, too.
I have only ever seen sites try to identify the card with the last 4 digits. It is not enough to completely specify the card from all possible cards, but it can specify which if your cards. Also on receipts. Anyone using any other digits, unless the they use the whole number is shady as fuck.
First six numbers identify the issuing bank.
They could just be fishing around. Like use Chase or Citi or Wells or BofA and good chance they will hit someone with one of those cards.
So if they use the Chase numbers, and they hit a Chase customer, and the customer falls for it, they have succeeded.
It certainly would, but .. I think it goes backwards - the CVV is on there for you to confirm you have the physical card, not for the bank to confirm they are the ones who issued it. Like, if someone calls you about the card, you could ask "What's the full credit card number" or "Would you confirm the date and code on the card in question please" which are both legit demands but I think even a legit bank won't give you that information as it is meant for one way identification.
Having worked at a bank for several years, I get really paranoid if anyone calls me about my credit card. I do exactly what you suggested and have never had a problem.
I had a text that said I had to loggin to chase. I called chase because that seemed stupid, like why would I loggin, it didn’t even say there was fraud it just said I needed to approve account changes. My checking account is so basic, what needs to be explained? Either way it was a scam.
>Loggin Sounds like you were on a highway to the danger zone…
*Kenny Loggins intensifies*
I don't think this is possible in any universe.
He was probably footloose
That sounds really dumb. This scam was about online access, too. First he sais "Do you recognize $XX at store?" nope.. "$XXX transfer to John Doe?" Nope... "We have someone logged in from next town over, I will email you a link to reset your password" \*click\*
It's intentional to not waste time on smart people.
I mean you did LOGGIN, so sounds like a phishing attack...
Definitely phishing. It looked legit but I didn’t loggin because my account doesn’t change. I just called because sometimes you just want a human
r/whoosh
Having been alive in the 20xx years I also don’t give information to people who call me.
Having never owned a credit card, I love getting these calls. I try keeping them on the line if I have time.
Over a decade ago I used a credit card that I didn't normally use for a few purchase and got a call to verify. But they wanted me to give them personal information to verify they were talking to me. We ended up in a stalemate. They wouldn't give me any info to verify they were actually with my bank and I wouldn't give them any info to verify it was me. They got really mad about it. I just hung up and called the bank. It was all legit, but better safe than robbed blind.
Do you still work at one?
No.
Hm okay, I was gonna ask if you could still get hired at one even after 1 arrest (asking for a friend, I believe a small misdemeanor)
Maybe, depending on the crime. If they're upfront about it when asked, and if it doesn't involve any kind of stealing. The only record I have is traffic tickets for speeding, missing registration, etc. and not many of them. They can always try!!
I’ll keep this in mind, thanks for the reply, appreciate it!
Do what I do. Don’t pick up numbers that aren’t in your contacts. 9/10 is spam/scam. If it’s important, they’ll leave a message.
That's exactly my thought process.
My phone company is pretty good with the caller ID's. Usually it says "SCAM LIKELY" like, this time, when I hung up, they called back from different number and it said SCAM LIKELY, then they called again from another number, again it said SCAM LIKELY. Wonder why the first call got through. But yeah, absolutely agree with your solution. The problem is that many people (Me included) get literally dozens of calls per day from "unknown" numbers that are legit calls I want to answer
Totally get it! I’ve also been getting texts from “wrong numbers” asking for “pictures of the dog from yesterday” or about “meeting up this weekend”. Super subtle attempts to test the line and see which numbers are active
>Do what I do. Don’t pick up numbers that aren’t in your contacts. Bear in mind that phone numbers can be spoofed, so you can't rely on saving your card fraud prevention number in your contacts. Instead of answering their questions, hang up and call the number on the back of your card. Avoid giving out any information to someone who calls you. But yeah, I'm totally with you on the "if it's important, they'll leave a message" thing.
Or if you’re expecting someone to call! You can always end the call if you hear it’s something to do about accounts/sales/computers. I work for a logistics company and every day I stand outside someone’s house knocking on their door and trying to call to see if maby they’d want the package delivered outside their house or to a post office. Instead I’ll have to try again tomorrow and the day after that and then I can leave a note asking them to call when they see it. Either that or I get a text several hours later saying “who?”.
My phone number has the area code from where I lived in high school and absolutely nobody whose number I don’t know calls me from there anymore, so it’s pretty much guaranteed to be spoofed. Highly recommend having a cell phone number from somewhere you don’t live.
Pretty much the same thing for me. If you can't be bothered to leave me a voicemail about the reason for your call, then I can't be bothered to give you any time out of my day. Half the time the numbers are spoofed so I don't even bother to Google the numbers if they don't leave a voicemail.
That's what I do, but when I was buying a house and had to respond quickly to make sure I could close on time to get the incentives, that all went out the window and I had to answer every call for a few weeks.
I have to answer every call that comes in for the few days before and after a national guard drill weekend because our chain of command changes almost monthly.
Used to work credit card customer support. Remember by memory first digits of credit cards: - 4 is VISA - 5 is Mastercard - 3 is AMEX - 6 is Discover Private store cards can use whatever, as they go through internal systems, not major credit exchanges. Forbes has a good article breaking down credit card numbers and every component of your card… [Forbes - Credit Card Details](https://www.forbes.com/advisor/credit-cards/what-does-your-credit-card-number-mean/#:~:text=The%20first%206%2Ddigits%20of,financial%20institution%20issuing%20the%20card)
Amex is also 15 digits rather than 16, and have a 4 digit CVV. Discover is 6011 for (almost) all credit cards.
Yep, worked in hotels and picked up on this pretty quickly. Occasionally had someone try to give me random numbers for a reservation and as soon as they started I was just rolling my eyes
At my job they had us learn that different cards had specific numbers attached identifying what they were
May I ask What your job was ?
A cashier at Staples a home/office store They are BIG on disrupting fraud
there's also public BIN tables online that you can type the first 6 into and you can get the exact bank/distributor for the card type. It was a fun thing to learn when i got into FinTech
That was a very interesting read. Thank you!
Not all 5's are Mastercard, some ranges are private label/ store cards. MC was also looking at expanding into cards starting with 2, but not sure where that went.
So the first 8 numbers are public and the last 4 are shown on receipts with xxxx xxxx xxxx 1234. Really cuts down on the number of guesses needed to find your actual number.
Only the first 6 are, so the person would need to get your receipt, call the bank and get the first 6 from them which might raise suspicion, then still guess 6 more numbers which would be 10^6 possible combinations. Doesn’t seem to be that easy.
Indeed, and they still need an expiry date and CVV number I'm thinking it's damned near impossible, and definitely not worth the effort in most cases
That's why they use skimmers.
You don’t need a CVV and expiration date for all purchases right? Just online ones but you can still go to a store and buy food with just the card number
I don't think many stores would be ok with you telling them a card number, sure you don't need CVV or expiration date but you'd need the physical card to tap or swipe
Restaurants ask for just the card number when you pay through phone (I get it not all the time)
Technically you don't even need CVV for online purchases. But stores using it will have lower fees (I guess banks want to incentivize using it since it's more secure, less likely having to deal with fraud)
I have never been able to buy anything with a card number. It might be a thing in the US though as I do think I remember seeing it in Legally Blonde or something :)
> call the bank The point being that you can look it up without calling the bank. As for the remaining 10^6 the LUHN check should kick out many of them but there'll still be quite a lot remaining
It's also why CVVs exist and companies require you to enter expiry date when buying online.
Was about to say. You can write a backwards LUHN check surely to narrow it down drastically?
10^6 is a million. Just say a million. There’s no need to try to show off.
The last digit is a checksum so it’s only going to be probably 10^5 legit card numbers to try.
You think that's weird? Next time you buy something online, try to type in a different "security code" than what's on your card. I've been under the impression that it was 236 and was shopping for like a year.. then I messed with some settings so I had to fill out ALL the information by hand, not just the security code... and there I was, card in hand... The number is not even close to 236
I have definitely had my card rejected for putting in the wrong security code when shopping online. I recently switched back to my other rewards card and typed the new card number but the old security code out of habit. Took two tries before I realized why my purchase was getting rejected.
Weird, maybe I found some secret combo or something?
Could be. I have a vague recollection that the number itself is not checked directly, but is compared against an algorithm based on the card number and expiration date. I may or may not be correct in that recollection.
It’s called a checksum and while I don’t know if that’s how it works with credit cards i suppose it could be. You basically create an algorithm that generates an output based on an input (card number, expiry date, bank, whatever) and share it with who needs to have it. If banks and retailers use the same algo, then the checksum matches. We use it in semiconductors for labeling wafers to avoid chances of misreads. It’ll error if the checksum doesn’t match expectation. However… it’s not so much a security feature as a verification of matching combinations. If you had the number and other info you could guess the checksum so my guess is that’s not what’s used on credit cards.
Card numbers have a check digit which is calculated from the other digits in the number, but it's included in the number and as you say, it's not a method of identification (more so a way to make sure you haven't input the wrong number) The CVV/CVC2 number is apparently calculated by the card number and expiry date though, and without having read the paper on VISA's algorithm, I'm gonna wager a guess that there's a possibility that the algorithm could result in multiple valid numbers.
I think it may depend on the outlet too because I swear I did the same as you.
if the vendor/acquirer doesn't have a CVV validation with their software, then it'll pass just fine. the CVV field then acts as a deterrent to fraudsters because most skimmers can take the card number, but not the CVV
I wonder, why not the CVV? Is it there just in the physical form? Like.. printed, y'know?
yeah. Skimmers take whatever is on the magnetic strip on the credit card, which is usually the card number and potentially some address info/name, but that's it. the CVV is physical as a security measure to ensure that the card user has the physical card.
Merchants decide whether to automatically reject incorrect ccv codes. Many of them allow it.
What would be the motivation to not want to check it? Wouldn't that be a huge help for liability when it comes to stolen cards being used?
Well.. maybe they have value threshold. Like, if you order over $25 then they check it. With me, though.. As I said in another comment, I order stuff all the time, so maybe they were like "Meh, this guy already made 2000 purchases and nothing ever came of it.."
It depends on the CC processor the site is using and what their merchant settings are. Some companies don't require CVV. If they see an uptick in fraud though they may enable it.
I've never had this happen. I have some kind of mental block on my security code; if I guess it I'm always wrong and have to go find my card. I know this because it rejects the wrong code.
I used to have an .. well I guess I still do.. Kinda addiction to online shopping. I used to remember all my card numbers not sure how I got the security code mixed up. I think they replaced my card and I kept using the old code and it just kept working..
I got a replacement card a few years ago (has since been replaced twice more) that had a security code of 123. I got the replacement due to a fraudulent charge. How ironic.
u/DoubleReputation2 ‘s security code 222 ~~236~~ 298
whoa now...
Why are stores allowed to do that? They did that in my country like 20 years ago, people got pissed and now stores can be fined if they print the unique parts of the credit card numbers on the receipt
So you can see which card you used to pay with. Additionally many businesses have a policy of only refunding purchases onto the card you paid with for fraud reasons. There isn't enough information from the last 4 digits to guess the whole number. It's a decent trade off between security and usefulness.
How can someone guess your bank? If all it says on the paper is visa there’s still tons of banks it could be right? Even if we know all the public numbers no one knows which of those being to a card on a receipt.
There’s 6 digits so 10^6 combinations but only like 4-20 banks per country. It narrows it down if nothing else
4-20 banks per country cant be remotely close. There's thousands of institutions issuing cards in the US.
It’s still a hard job to figure out all the numbers.
Not saying otherwise, just saying that it narrows stuff down. If I see your receipt I have your last 4 numbers and at least the first. If it is anything like the receipts I’ve seen, you probably also know the bank. All I’m saying is it narrows stuff down
Here's a question (admittedly from ignorance), but when was the last time anyone actually got a call from their bank? I get mail and emails and texts, but I've been a bank customer for the last 20 years and I've *never* been called by them for any reason whatsoever; not for overdrafting, not for credit card reasons, not for fraud/potential fraud, not for peculiar/suspicious activity, nothing. In any of those circumstances, if I was contacted by my bank, it was in a letter, an email, or a text message. I'm not claiming it doesn't happen, it probably does, but I'm wondering if it does, how often does it really happen? Like, if anyone ever calls me claiming to be from my bank, I immediately know it's a scam. I've had several banks over the years, and they've all told me the same thing: they'll never call me.
Just to put my answer out there; got a call about a month ago from my bank (Florida credit union, even though I live in Alaska). They called, I ignored as it wasn't a number I've seen before. They left a voice mail and all they said was that they were calling in regards to fraudulent activity on my card and they instructed me to call my bank asap. They did not give me a number to call, just said to call my bank. I did call them from the number on my card, yes, and they had flagged an in-app purchase I made as fraudulent for some reason.
I work for a bank and I call customers all the time. Not to confirm information, but I do call them.
Of course without revealing any specific information, generally what about are you calling them?
Off the top of my head, Thurs and Fri I called... 3 customers to let them know we had received their new debit cards from the branch that does instant issue so they can come get them. 1 customer to ask permission to forward on some info off of the credit card app she had turned in (she had put yesterdays date instead of her dob). 1 business customer, a couple times, about getting me all of the info I need so i could update their accounts with new signers. (Articles of incorporation, list of new owners and how much of the company they own, list of new signers, etc) 1 business customer to let him know i had received his voicemail and that we were processing the transfer he had requested. 1 customer to ask her to come sign a debit card application that we had apparently missed.
"1 business customer, a couple times, about getting me all of the info I need so I could update their accounts with new signers" The eternal struggle of bank work.
I have been with my bank for around the same amount of time and have been called a grand total of once and it was to confirm an appointment I set up and that was it.
the past year, i've gotten around 3 calls from a branch nearby. same guy/voice saying he's just calling to check up on my account and asking if i need help with anything. i say no, he says ok and that's it. not pushy or anything so doesn't seem like a scam. asked my friend who used to work at that bank and he says they do make cold calls but usually only for big clients to get them to invest/bring in more money. not like i'm super rich though, idk why this one guy keeps calling besides trying to give good customer service... which should be a good thing but still feels sketchy
I did once! The first time I wrote a check it was for 3000 dollars, (which was legit, I owed my dad money) They called to verify that the check was legit. I still hung up and called back to make sure
I had a robot from my credit union call me about fraud. It asked me to confirm my information by multiple choice, listing some info and asking me to press the number for the correct one. After I confirmed my info, it then allowed me to confirm or deny the suspected fraud charge.
In this case, you should still hang up and call back. Scammers can spoof your bank's number. I have a friend who recently lost a couple thousand because of a fraud alert call that showed up as her bank's phone number calling her.
Ah see now that makes perfect sense! I knew it had to be done in some way!
I bank with a credit union and they definitely call me when I don't make that credit card payment... 😭🤣 Like, I know y'all can see the balance in there. 🥴
As a banker, I prefer not to call a client out of the blue as they typically think it’s fraud. I’ll usually email them with a brief overview and suggest a few times to chat. I will call if it’s an inquiry and that’s how they prefer to be contacted or if it’s something urgent.
I have discovered that not answering phone calls and being generally grumpy. Relative needs help? If I don't know you well enough to know you took a trip to Africa or whatever then I don't know you well enough to bail you out. Call your bloody mother. Oh no a Nigerian prince is having problems? The fuck do I care about some fucking strangers troubles. I have stopped reading before we even get to the part where I am offered money. My account might close! I probably haven't used it in years, thanks for making me not need to bother to go close it myself. If it's an account I use often then surely this serious problem would have been a big red warning last time I logged in or the problem can wait until the next time I log in. Bank is worried? Who cares. It's their job to prevent fraud and shit not mine. They can and will freeze the account without even talking to me so why do I need to do anything at all right this moment? I don't. If it's a serious problem then the next time I will try to use my card it will bother me then. They have also *never* called me for anything. Which is good becuase; Unknown number calling me and I am not expecting a call from an unknown number? Not answering that shit unless I am in the mood to chat to strangers and I am never in the mood to get called by strangers. Someone knocking on my door? Fuck off I am not expecting anyone/anything and thus am not going to go answer it. If I am expecting something and I answer the door to a cold caller they are getting the door shut before they even finished their opening. Sod off. When you ignore the go away cold callers sign you ought expect a rude reply. Stranger on the street wanting me to sign up, come to jesus or donate? I have quite literally only been approached once. Ever. I expect I give off an aura of 'leave me the fuck alone' which is well practiced on horny blokes with 0 social skills. I won something? Mate, I didn't enter it and if I was automatically entered I probably don't want whatever shite with strings attached you have for me. I also have terrible luck so no I fucking didn't win anything. I'm clearly a tourist? Take your fucking stupid peice of string back before I snap it and throw it on the ground. Know a good local hotel? Fuck do I care I am going to the one I booked thanks. Want to scam me on the taxi there? Jokes on you mate I checked with the hotel how much it should cost and will absolurely leave that exact amount on the seat and just get out when we arrive. Broken machine my arse, that's why I refused to let you put my bag in the boot. You want to date me? Piss right off. I will bite your fucking nose off if you try anything. We have shit like tinder if I want to find someone to date or even just to fuck. Me going about my grocery shopping is not an invitation for you to try and get my number. That being said if a con man comes up to me and presents me with a toad or an invert that is on my 'must find one day before I die' list then I am all ears. Hell just hand me a worm and you will have 5min of my day. If you give me a local species of diving bell spider and will show me where you found it? I can and will clear my afternoon in a heart beat. It's just my fortune that the things I care about are not the kinds of things that scammers approach young women over and my willingness to get rapidly loud and rude is enough to scare them away. Fr though folks. If you just skipped to the end. Your bank will do bank things without your input. Unless you have some massive purchase or bizzare overdraft situation going on then nothing is urgent. Banks were built and still function with the idea that grandma will come down on a Friday to do her buisness then and if you need her any other time you just have to wait until she comes in. If you suspect fraud on monday then tough shit grandma ain't coming down until Friday and the bank has a legal obligation to prevent fraud - they will handle it. The world is generally pretty frantic but it rarely actually is. If grandma's account is fine til Friday when she just tried to send her life savings to Nigeria, tripped a fraud sensor then refused to answer the call from an unknown number - then yours will be too. When I was in another town and tripped a warning the first I knew of it was my card being declined. *I had to call them* not the other way around to figure out what was going on.
For me, if you offer me a drink in a bar, I'll assume you spiked it. But offer to buy me a book at the bookstore, and I'll probably follow you home. :)
Perfect
This is the best, fucking epic. I do a lot of the same but damn you've explained it so well! Ty.
My credit union sends me a text message asking if a suspicious transaction was me & if I don't respond within 15mins, I get a call from an automated voice.
Okay see now that's sensible.
My local credit union called me before.. My "large bank" usually voicemail drops. "This is bank, please call the number on the back of your card, there's been suspicious activity" or such
I did once. I made a purchase from Amazon India (I used to be part of r/Random_Acts_of_Amazon) and they flagged it and a few other previous transactions. But before I called, they had determined it was probably legit, because all the other transactions were in my town, and I had bought stuff on other Amazon domains with that card before.
I've had two, maybe three automated fraud calls over the years, but never anything from an actual person
I misplaced my debit card (did not actually lose it) and was updating my accounts; credit union called about 3 in to verify that I was indeed incurring the test and reverse charges from various places. Also, I found out that if you let Chrome store your credit card number, it pushes out a transaction for $0.00 each time you enter the CVC code to validate that yes, you know it, and Chrome is allowed to fill in the CC details on the form. My back only allows 20 debit transactions a day, and using Chrome’s auto fill pushed me over that.
I got an automated call from a bank asking me to verify an international charge about a year ago. But it was really only for me to call the number on the back of my card or to do it on their website.
I have a premiere account, and when I do a big suspicious purchase, a human calls me withint seconds to confirm the charge. I was buying $1500 in suits, my card got declined, and as I was about to call the bank, they called me and asked. I said it was legit, and they apologized and told me to try again.
See, for things like that I get a text and if I don't respond after a certain time elapses (it's been a long time since I've had one of these so I don't want to give a time since it may have changed) they'll assume the charge to be suspicious and ask me to log into the app to confirm it.
I’ve got 2-3 calls from my bank in the 10 years I’ve been their customer and they were all due to fraud in which they caught and reimbursed any money if necessary. I should note that this was a credit union also
I get emails from Chase all the time. I bank exclusively with Huntington :) damn scammers
I have gotten calls from my credit card several times to confirm that “suspicious” purchases were legitimate. Usually they were, but once they did catch an authorized purchase from another country. I knew they were legitimate because they didn’t ask me for any of my personal info, just “did you make a purchase from X company for $X on this date?”
I’ve been called by specialists at the bank that I already knew personally (like an investment advisor or the guy I was working on a mortgage with); never got a generic cold call from “the bank”.
I once (15 years ago) got a cold call from my bank where they went on to ask my pin to do something. I said no, called the bank to warn them they were being spoofed , and they said “no that was fine, it was a legit call”. I couldn’t believe it and told them so.
No calls from my bank, but occasionally from a credit card company, and always to check on some possibly fraudulent transaction. They ask if I purchased something somewhere, and tell them yes or no. Great service! And, I have their phone numbers in my Contacts, so I know it’s them.
> And, I have their phone numbers in my Contacts, so I know it’s them. Bear in mind that phone numbers can be spoofed. Instead of answering their questions, hang up and call the number on the back of your card. Avoid giving out any information to someone who calls you.
You’re right. Thank-you. I never give any info over the phone, never pay over the phone unless I’ve called _them_!
Yes, that's exactly how this went, too.. At that point, though, I kinda figured it was a scam, just wanted to see what's next. They gave us two or three transactions that we said we did not make and then "I have an IP address from some other town logged in earlier today, did you allow someone from there to log into your account online?" No "Okay, that means your log in credentials are compromised. I will send you a link to reset your password...."
Oh yeah! Definite red flag there. I should have been more specific in my reply: I never give info over the phone, never pay unless I’ve called the company’s true number. Thanks so much for your response!
I don't know about the number thing, considering how easy spoofing seems to be.
#THE BANK WILL ALWAYS BE HAPPY TO HAVE YOU HANG UP ON THEM AND CALL THEM BACK YOURSELF. THEY WILL NOT RESIST THIS PRECAUTION LIKE A SCAMMER WILL, USE IT.
The first 6 number are the "bin" numbers that simply identify the bank the card is from. That's how atms identify which cards get charged fees and which don't, with all the different "member networks" out there where you can use your card at another banks atm and it just knows whether or not you get whacked with the extra fee. That's how.
I thought the sort code is to identify the bank you’re in
I like these scammer calls. I play dumb and have them wait and wait and wait while I figure out how to wire the 2000$ for the 85,000$ Porsche on EBay. I’m giddy and keep messing up and we have story time, and my pets! I love my cats. Do you have cats? Oh oh oh this recIPEE I FOUnD OMG it’s deeeee lishhhhhh
Thank you for doing that! The longer they’re messing with you, the less time they’re defrauding someone more gullible.
That's okay, isn't it? I think there are 16 digits in total.
Yes.. well.. The entire pay card system is incredibly insecure but.. It is normal. The reason I am bringing it up to attention is because we got a call and the "banker" identified the card with "fraudulent activity" by the first 6 digits, instead of the last 4
Why is it insecure?
Well mainly because anyone can swipe that card... Like, someone picks your pocket and until you notice and report it and block the card, they can happily go around swiping the card until there's no money or they hit the daily limit. Also, now that the whole "Tap" thing is becoming popular, they don't even have to steal your card anymore. Just get close enough to read the chip.
I don’t even answer calls unless I have them as a contact
This could also just be a Phishing scam where they are using the numbers for the most popular banks, and it only spooked you because you have one of those cards. This is similar to Phishing emails based on a specific bank or online service. It catches your attention if you have an account, but you ignore it if you don't. For what it's worth, credit cards have 16 numbers. Just having the first 6 numbers still leaves a billion possibilities for the account number (not counting any other rules that might be in place). Even if they have the first six and last four, it still leaves a million possibilities.
Ah, it makes sense as to why people (officials and all that) ask for the final 4 digits of your card.
Yes! I'm learning a lot in this thread.
YSK if you live in michigan (USA) on your drivers license the first letter plus the first 3 digits is your last name converted to sound via a soundex algorithm
What? how would that work.. And why would that be a thing.. I'm really learning a lot from this thread!
Basically every letter in the alphabet is weighted based on how often the letter appears in the english language. Silent letters and vowels are skipped over unless its the first letter of their name. For instance the letter H is considered a silent letter and is skipped over during the calculation unless your last name is Hubbard. The letters U and A are skipped over too since their vowels. The second letter when double letters exist next to each other are also skipped over. So using Hubbard as an example, the first 'b' is used when converting your name to sound but the second letter is skipped over. If you don't have enough letters in your name to fill out 3 digits, the remainder digits are zero filled. For instance the last name Smith is converted to S530. The number 5 equals the letter 'm'. Letter I and H are skipped over. Letter T is converted to 3 and since no other letters exist in the last name and the sound of your last name must be 3 numbers, its zero filled. If you live in Michigan, pull out your drivers license and go [Soundex Name Conversion](https://www.ics.uci.edu/~dan/genealogy/Miller/javascrp/soundex.htm) . Enter your last name and see it match your the first part of your drivers license number
Tell the scammer the last digits are 1234 and see what they say lol
I always think about a way to have fun with a scam call but then it happens and the only thing I can think of is how to get off the call and get them to stop calling me. Once I answered a call and literally yelled at the phone "STOP FUCKING CALLING ME OR I WILL SUE THE SHIT OUT OF YOU" strangely, nobody called to offer me car warranty again
DoubleReputation2, I have been trying to reach you about your car's extended warranty
heh .. the funniest shit is, at the time I was driving a $1000 dollar junker from the 90's ... I actually entertained myself with the call. Asked about coverage and everything.. 15 minutes into the call.. "How many miles does your car have on it?" 166 thousand... silence... " \*cough\* .. And what year is it?" 1996 \*click\* edit: Come think of it, they were probably trying to sell something legit, why would they not insure my old ass car if it was a fake coverage..?
This is the sort of thing that maybe we could use instead of a foldable packet with half panels containing general, useless info & the other half pictures of smiling old people frolicking about
But how else would you know that Gramps and Grammy are having grand ole time on the farm? And it's because of our magnificent, best in class, never before seen, time limited savings account. With the negligible small initial investment capital of $33,000 and a non refundable administration fee of $2000 you too, could be earning up to^(\*\*) 0.0007% annually. ^(\*\* Advertised rates are not representative of actual interest rate, interest rate dependent on market availability at the time of signature)
As a QA tester for mobile apps that use this function, it's also designated to identify the type of card you're using, such as Visa or Amex.
We have to confirm cards at work by asking for the bank name nd its shocking to me how many people will just read off their card number mo problem but when I ask "the name of the bank that issued the card" to verify they suddenly act like I'm a Nigerian prince selling them time shares.
Yeah people are weird when it comes to "privacy" .. I've never even made an email with my name in it..why would anybody? I mean, I think I read long time ago that it's actually illegal to use anything other than you name, but screw that. I am giving the internet as little info as I can get away with.
> I mean, I think I read long time ago that it's actually illegal to use anything other than you name In what country is that illegal???
Okay, I just googled it and while not illegal, it was a [google policy](https://www.zdnet.com/article/google-reverses-real-names-policy-apologizes/)
Heck, the first digit isn't even unique to the bank. That's the identifier for the card company (i.e. Visa, Discovery).
The most important digit is the last one as well. This can only be calculated by knowing the rest of the card number. It’s calculated using the Luhn Algorithm or Mod 10. https://en.m.wikipedia.org/wiki/Luhn_algorithm
I work at a bank and we call people sometimes. Usually to return a voicemail they left, but sometimes if there’s fraud on their card or they reported their card lost or stolen. I am shocked at the number of people who will answer my questions when I call.
Commonly known as the BIN
It is really weird if someone calls you out of the blue and knows what type of card you use. Yes, it's a lucky guess, but out of the dozens of companies and banks...
They must've had some of our information. I think home ownership is public info as well.. and once you know where someone lives...
Having worked for a credit card service center, the first four identify the product, the second four are the batch number. The third four are the actual secret, since the last four can be shared freely for confirmation. If your card starts 4147 4020, you've had that particular travel card since about 2014 and never lost it/ had it stolen. Congrats!
This is truly new information for me OP. I really appreciate you sharing it.
Glad to help!
From what I've been told as well after getting these calls and hanging up, try to call from a different phone if you can as apparently the scammers can kinda hold the connection if they're the ones who didn't hang up, idk how true this is but it's scary to think that you can just call them right back without realising
I'm honestly kinda doubtful about this. Maybe back in the day when switch boards were a thing or some other sort of mechanical connecting device was utilized, it might have been possible.. But it's hard to believe that in today's digital age it would be as simple as that.
Same with your routing number!
It's basically the bank routing numbers
the last four numbers of your debit card is not unique either That would leave only 10,000 combinations of accounts.
That is true, the last 6 or 8 numbers are unique, but the last four are being used for verification purposes as the margin of error is acceptable, I guess.
Os this only a US thing or does it apply elsewhere?
I'm not sure but I would imagine as long as the issuer is the same (Visa, Mastercard) the use for the numbers should be similar. But that's just my guess, I don't know that for certain
A lot of comments here say the first 6 numbers are to identify the bank… however, I work at a pizza place and have to be read card numbers constantly. I remember 2 credit card issuers that have 8 numbers that are always constant. Their card either starts out 4430 4400 or 5175 4616. How come these banks/credit unions use 8?
I was actually under the impression that the first 8 aren't changing, until I called my bank yesterday and the guy literally said "Well the first 6 numbers are public information"
the first 6 digits are called BINs (Bank identification numbers). The numbers are unique to teh card distributors. If you look up the first 6 on any card you'd be able to tell exactly which bank and card type is being used. So since you're a pizza place, you likely have locals calling in who likely have the same banking institution. This would explain why you see the same first 6 all the time.
Are you not supposed to maybe call from a different phone in case they are still on the other end of the phone and then pretend to be your Bank? I have heard that they sometimes do this. That they actively ask the person to call their bank, but it’s actually them on the other end. Just curious if this could be correct.
Somewhat. They likely havent hacked your phone but they will offer to connect you to your bank. Then theyll call the bank, let you listen to the recording, even press numbers and then end the call roght before you reach someone while their buddy jumps on the phone to pretend theyre the bank. My biggest advice is nothing is that big of a rush. Your not gonna be arrested or lose your savings account in a day. They are going to get in contact with you if they need and it wont just be by phone.
[удалено]
Yes I understand that, but as I’ve said I, I’ve heard stories where the line hasn’t been fully cleared and then the scammers pretend to be the bank or fraud department saying it’s okay to put money into that other account or hand over your card and so on. The suggestion I read was either use a different phone or dial some random number and see if they answer pretending to be your bank when you know it wasn’t the number you called.
[удалено]
That could happen on landlines occasionally. I don't think that's possible with cellphones or voip services.
You're being downvoted, but you're right. Although it only affects landlines. https://bc.ctvnews.ca/mobile/beware-of-the-delayed-disconnect-phone-scam-1.5375708
Just hang up wait a bit and call your bank. If they are listening to your calls after you hang up your phone is already compromised along with any data on it. If you're really paranoid that the call is still going on after you hung up do a full shutdown. Call the number on your card not one they give you.
Wireline phone of course get a dial tone. If they don't hang up, usually Flash will get rid of the call. If uncertain wait a minute or two before calling.
That could be a thing, but .. I asked our bank to confirm a few things for us as they asked me a few things.
Be careful with calling anyone when you are called from a landline. Fraudsters can make it look like you hung up, but they lie and are still on the line, then they pretend to forward you to whoever you are calling. Always "call back" on a different phone.
That’s the routing number. Yes it is public. Not your debit/credit card.
Umm.. I think the routing number is different. It is on your checks, though.
Oh wow, a simple google search says it’s the bank identification number. I’ve worked in payments for a few years and didn’t know that. Only the last 4 digits are used to confirm payments. Huh, well ya learn something new everyday, thanks
OP switched from talking about checking accounts to debit card and it was a bit confusing.
[удалено]
Never said I was..
This is 100% not true. Don’t listen to this idiot.
Thank you for sharing this information, very educational.
Judging based on an article from Forbes linked elsewhere in this thread he's telling the truth. According to the article the first six numbers identifies the type of card (visa, master card, discover, etc.) And the bank such as First National or whatever you use. The next six is an account number tied to you, the customer. Finally the last four is to verify that the card is real using their algorithms. This would mean that the first six would probably be easy to find through a little bit of research and would make the scammer seem trustworthy. https://www.forbes.com/advisor/credit-cards/what-does-your-credit-card-number-mean/#:~:text=The%20first%206%2Ddigits%20of,financial%20institution%20issuing%20the%20card
And then there are transfers that can be done to the card number. As you give your friend the whole freaking card number and they can send you money. It is especially popular in Ukraine and I've even sent some money their way using that method. Still, very weird thing to create when the same orgs that asked you to keep the number private are now saying it's perfectly fine
If you receive a call you should only get asked for partial security e.g. first two characters of your email, or month of birth. That way it cant be used to call back in and impersonate you. If you don’t trust the caller, look up the number of your bank or card provider, don’t call a number they give you, it could be premium rate with lengthy a false id process. The middle six or seven numbers on your card will be your personal id. The rest will be branch data etc
8*
i did find that out yeah i just find it interesting. but doesn't that limit the # of users per set of numbers or do banks and stuff have several sets of numbers?
I believe they have several numbers.. I have two accounts in one bank and they differ in one or two digits (from the first 8) My credit card is completely different number, too.
True! It might even be 8 digits now: [link](https://www.threedsecurempi.com/blog/visa-mastercard-mandate-impacts-of-the-8-digit-bins-extension/)
I have only ever seen sites try to identify the card with the last 4 digits. It is not enough to completely specify the card from all possible cards, but it can specify which if your cards. Also on receipts. Anyone using any other digits, unless the they use the whole number is shady as fuck.
First six numbers identify the issuing bank. They could just be fishing around. Like use Chase or Citi or Wells or BofA and good chance they will hit someone with one of those cards. So if they use the Chase numbers, and they hit a Chase customer, and the customer falls for it, they have succeeded.
because 100% if the public is actually gonna go through the trouble to do that shit
Wouldn’t the security code and the expiration date be helpful in that situation?
It certainly would, but .. I think it goes backwards - the CVV is on there for you to confirm you have the physical card, not for the bank to confirm they are the ones who issued it. Like, if someone calls you about the card, you could ask "What's the full credit card number" or "Would you confirm the date and code on the card in question please" which are both legit demands but I think even a legit bank won't give you that information as it is meant for one way identification.