In this free-for-all-Friday Trent talks about the perils of debit card scams.
Trent Horn (00:00):
When you’re a victim of theft, you know why Dante put thieves so low in the circles of hell. It’s just such a revolting thing that when it happens to you, at least attempted theft that happened to me recently. Welcome to Free For All Friday here on the Council of Trent. Mondays and Wednesdays we talk apologetics and theology. Friday, whatever I want to talk about. And here’s what I want to talk about. I wake up recently and come to see that I was the attempted victim of fraud. Now I see these things happen from time to time, but it was just really jarring for me. So first I wake up and I scroll through my phone and I see I’ve got a hundred text messages. I’m like, “What is going on here?” It reminds me of that scene from … No, it’s a hundred text messages from Substack and from other places where my phone number has been used to try to get a subscription to something and they’re sending me a confirmation code.
(00:58):
It’s not like a hundred text messages from friends saying like, “Hey, how are you doing?” It reminds me of that scene from Zuland when the girl goes over to Zulander and says, “You’ve been out for a week, a week. Matilda, I’ve only been out for a day. You know a day spa.” And he clicks on his voicemail message like, “You have 1200 new messages that is a bit more than usual.” One of these days, I’ll just do a whole free for all Friday, a whole episode and it’s just Zulando Trent. Than being really, really ridiculously good looking. So I see all of these things. I’m like, “What is going on here?” And immediately I’m worried, okay, someone’s doing something. The big thing I’m worried about is if someone goes and gets control of my primary email account. You’ve got an email account where you go and you subscribe to things and you have password resets and things like that.
(01:48):
And it’s like, oh my goodness. So I go and I rush down the stairs, grab my computer and I turn it on and upload it. I’m just like, okay. Then I go to my email and it’s already logged in and I look around, log out, log back in. It’s like, okay, nobody changed my password. No one got to my … Don’t get to my email address. Okay, we’re all right there. And it’s like you’re trying to source through to say, okay, what is the thief doing? What are you trying to do? You’re trying to attack my vulnerable elements here. Well, I guess my virtual vulnerable elements. I guess in a physical fight, you go after the vulnerable elements on the human body. This person’s trying to come at me. What are they doing exactly? Why would someone just sign me up for 80 Substack articles and memberships that require me to confirm it?
(02:40):
So I go through and I start looking for them. And then I go and I see one of the text messages says that you have a debit card spending that is over your set limit. And I go and look at it and it’s like, oh, I think it was for something, it was like vapes or a patch, like a nicotine patch, but it’s like for a thousand dollars worth. And I was like, well, obviously I’m not spending that kind of money on that kind of stuff. There’s the fraud right there. Then I go contact the bank. I’m on the phone with them. I go through, pull up my debit card and I see this person is trying to spend $4,000 worth on my debit card, which we have. So I’m like, well, I’ve got the debit card right here. How do they do that? So they’re going and then they’re trying to spend that.
(03:27):
So I called the bank. Thankfully, the bank detected that it was fraud and did not allow the purchase to go through. And so I actually looked up here. I always wonder how they do that. And usually they’re pretty on par. I’ve rarely had things that I spend for get declined. I have had the bank ask me sometimes when I reserve hotel rooms or pay for hotel stuff or travel stuff for work using my own personal card if I have to just get it done. Sometimes the credit card company will contact me first and say, “Hey, did you do this? Say yes or no.” But my regular bank, my debit card, they’re usually really good that they only shut down transactions that are fraudulent. They have very few false negatives or false pauses. I don’t know how you would phrase that there. But it says here, “Banks are now using artificial intelligence to profile debit card spenders.” So they basically know what you end up purchasing.
(04:23):
They know what you want and they can track when it is a merchant that people often use fraud for, like buy a bunch of vape stuff and then sell it in the black market, for example. So they know, okay, this doesn’t fit your normal spending patterns, impossible travel speeds, your card was used in person in California. And then it was also used in person in Paris a few minutes later and they can see, oh, okay, here’s the problem that you couldn’t have actually done it in that way. And so they’re able to use your behavioral profiling, match up the merchants with typical fraud merchants and then be able to check that out. So I go, I’m on the phone with them and thankfully I don’t have to get it refunded or anything like that, but it’s hard. You got to check your bank stuff and your credit card stuff now almost daily or at the very least what I do is I set alerts.
(05:08):
I’ll set alerts to spending like, “Hey, if it drops below this amount, if more than this amount is spent, contact me. ” And they do that and I can usually spot things if there’s a problem. I think what happened here in this case, and I’ll talk a little bit more about how scammers do this kind of stuff, how they do, how they get these debit card numbers for fraudulent purchases is that the scammer somehow got one of, they did not get my bank account number. They did get one of my debit card numbers, however they got it and they went to go and spend it. And what they did to fool me to try to fool me was they used the debit card and my phone number associated with it to flood my email box and my phone with a bunch of messages about subscriptions.
(05:58):
And I think the goal in doing that was if I’m flooded with a ton of messages about subscriptions, I’m confused. I might mass delete all of them and I miss the message from my bank that says, “You have a suspicious transaction. Do you want to do something about this? ” So I think that’s the … So if that happens to you, if you suddenly get like a hundred subscriptions to something, it’s like, “What is this? What is going on here?” Do not click any links in any of them, do not reply to any of them, but don’t mass delete them. Go through them one by one because within those new messages, one of them could be your bank telling you, “Hey, we suspect fraud.” And you accidentally delete it because it’s buried within all these other fake messages. They’re sneaky as the old Connect four commercial would say, “Pretty sneaky, sis.
(06:43):
So where do fraudsters get our debit card numbers from? Here are, I think I’ve got here six primary ways of fraudster. We’ll try to get your debit card number. Number one, data breaches. It says here, large retailers, online merchants, healthcare providers that store payment information. When cyber criminals hack these databases, they can steal thousands or even millions of debit card numbers of one. So I think it’s not if your debit card gets stolen, it’s when, because if you use it and you buy stuff, that info is just out there and these cyber criminals are very aggressive to try to get it. Number two is the phishing attack. Oh, this is also not just for debit cards are hard, but I’ll be honest with you, I think I would rather … Yes, honestly, I would rather have my debit card stolen than I would have my credentials logging in for social media a thousand times over.
(07:33):
I know Gavin Ortland got locked out of his account a while back and he had to appeal to people to get it reopened again. And let’s say you’re on X, you have an account and you get an email from X saying, “Hey, we need to authorize your account. There’s suspicious activity. We need to presume this is you. ” And you go and you click on it, log in here, you give your username, your password. And it turns out the email you got is from not X.com but Xcustomerservice.com, not actually from X or Facebook or Instagram. It’s a phishing email. They’re not affiliated at all. They’ll use the banner, they’ll use the logos. It’ll look indistinguishable until you look at the website. So the bottom line is there is you just should not … Don’t click links and emails. Don’t download cursors. I remember you’re always telling your parents back in the 90s, “Don’t download cursors, grandma, you’re going to get a virus.
(08:23):
I’m going to have to get my McAfee out to fix it. ” Norton Antivirus. So don’t click on it, don’t reply to that, go directly to them. And this can happen also when you get text messages, when you get emails from your bank saying, “Hey, there’s a problem. Respond here.” Don’t reply to the text or to the email, just call the bank directly and make sure when you Google and you search and say, “Oh, this is the actual number. This is the bank’s official website. This is the official phone number. I’m going to call and I’m going to go through it in that way.” Because if you lose your social media credentials, it’s hard to get them back. Like X a. K. Twitter, I’ll always call it Twitter. There is no customer service line you can just call. There’s no one to go to for help.
(09:02):
All you can do is just post on your thing, X, help me. I was locked out of my account and pray somebody sweeps in from their customer service and helps you. There’s no one there to help you with that. It’s so big and monstrous in that effect. And that happened to Gavin and he had to have people reach out on his behalf to get it restored. And he said it happened because he replied to a fraudulent email. So phishing, way people get debit card numbers. I mean, I don’t think that’s what happened to us. I think it was probably a data breach or maybe this next one, card skimming. They might put it into gas pumps, ATMs, so I’m going to steal your data and it’s hard to detect. And it’s like, I don’t know what to do about that. You can tell if you see that the tape is broken on a gas station thing or it looks a little suspicious, wires exposed, it’s rickety, something to be concerned about.
(09:51):
Malware and spyware, you click on something random on the internet and installs spyware that goes through and when you input your debit card, if it logs the keystrokes and sends it back. The last two aren’t even really that technical, just physical theft. People find your wallet, they get your debit card and they go on a spree with it or social engineering where a person may call a bank or a merchant asking for assistance, “I need help. I lost my debit card. Please help me. ” And they take advantage of people’s trust and niceness to get the information. So a lot of these things, there’s nothing you can really do about it. If there’s a data breach, not much you can do, you can just try to avoid phishing emails, weird card skimmers. At the end of the day though, it’s just about being vigilant, like keeping track of your accounts, go and check on them often.
(10:40):
And I would recommend setting up alerts in your account with your bank and your credit card. That way if someone tries to do a big push and purchase something, if there’s a large purchase, it immediately lets you know because if someone steals 20 bucks from you, I mean, that’s annoying, but if it’s like 200, $2,000, $20,000, 1,000 bucks, they tried to get me four $1,000 purchases, it’s a lot more of a headache to deal with. So I hope that is helpful for you. I’ll help my little run in with the fraudsters pray for them. It’s always like, I want to get them like, no Lord, please pray that they will repent of their evil and they will come to see just the wrongness of their actions and that they will trust in you, Lord, and just repent of this and not end up in a very, very, very bad place for all eternity.
(11:26):
So thank you all so much for listening and I hope you all have a very blessed weekend.