The Fiserv Risk Office, Discovery FCU’s card risk and fraud partner has received reports of account takeover fraud via the impersonation of fraud prevention tools. These scams use sophisticated methods combined with social engineering to deceive cardholders into revealing critical information and disregarding legitimate fraud warnings.
Account takeover fraud occurs when a scammer has obtained sufficient credentials to pose as the cardholder to financial institutions. They can then execute changes to account or card-level settings that assist in the commission of fraud, including demographic changes (phone numbers, emails, passcodes, etc.), increased limits, PIN changes, and travel exemptions that suppress normal fraud monitoring.
Contact Center agents have reported instances of cardholders receiving phone calls claiming to be from the Fraud Prevention Department. The cardholder is sent a one-time passcode (OTP), is asked for their member or account number, and told to provide the code. The caller then instructs the cardholder to reply “No Fraud” to text messages sent by the real Fraud Prevention Department in response to fraudulent transactions.
Diligence and account monitoring is the first line of defense when it comes to stopping fraud. When our fraud alert department contacts you:
- You will never be asked to provide your full social security number, PIN, or a one-time passcode.
- You should never respond NOT FRAUD to fraud alerts on the activity you did not perform, regardless of who instructs you to do so.