I was scammed, lessons learned

A couple of days ago, I received a call from a “No Caller ID” number. It was 5.30 pm and I was feeding my kids. It wasn't the best time for me to receive calls, but things seemed under control during dinner time, so I answered. To my surprise, it was the Qantas Money Fraud team, calling about some suspicious charges on my credit card.

The agent on the other side of the line did not ask me for any details but mentioned the last four digits of my credit card and my full name. Then he mentioned the suspicious charges, including the company names, amounts, and that it had been done in the last hour or two. I immediately said that it was not me and ask them to cancel the charges and the card. They then asked a few rutinary questions regarding the physical location of my card and potential suspicious activities online. I was quite impressed with the efficiency in detecting the fraud. After 20 minutes of conversation, the fraud agent said there was one final charge amounting over AUD $1,000 to a Mr. Porter and they would send me a text message to confirm the cancellation of this charge. I received the text and read the code. We concluded the call with me thanking them multiple times for their magnificent service while my children were shouting in the background.

Later that evening, when my kids were asleep, I saw another text. It read “Qantas Money Security Alert: We have temporarily blocked your card ending xxx as we noticed a suspicious transaction to MR Porter Milan (ITALY). Reply “Y” if this is a genuine transaction or reply “N” if you do not recognise it”. I thought it was odd, since I had already confirmed that this was not a legitimate transaction. Nonetheless, I responded “N”. Right after, I received a text urging me to contact “Qantas Money Fraud”. Again, I thought it was strange, but “It must be an overlap of the system”. ?

An hour or so later, they called me again. It was a different person, a lady from a Sydney number. She was very confused when I told her I had already been called. She kept saying this was for “something else”, but she kept mentioning the exact same details of that last transaction to Mr Porter. We kept going on a loop. I was starting to get anxious and frustrated with her, my tone shifting. All I could think was “It is late, I am tired, and I already spoke to your colleague”. Rightfully, she ended up giving up on me.

It was only the very next day, with the call of a third agent, that I discovered the reality behind all those calls. This third agent, after hearing the full story, quickly informed me that the Fraud team did not send codes for cancellations. To my surprise, the very first caller, kind, polite and with a British accent, was the actual SCAMMER. The key was the CODE. The CODE of the text I did not read and after missed. This realisation followed a long reprimand on not giving any information by phone or text and the dangers I thought I was very aware of.

After we hang up, I went back to my phone and scroll to check the first message with the code. The first text read “The Quote to complete your transaction to MR PORTER for GBP 720.0 is xxxx. Do not share this code by phone or email”. You can only imagine how foolish and careless reading this text made me feel.

I am very embarrassed of this situation; I feel I should have known better. But I hope that by sharing this story, others will be more careful. I certainly will not be overconfident about my security knowledge anymore. I could blame many external factors; starting for a very good scammer who used the same speech as the fraud team, but I did not read the text, and that is entirely my fault.

I am very thankful that it was a credit card and not a debit card, that Qantas Money have other systems in place, and that their fraud team did not give up on a vehement and confused Spaniard that thought she knew better.

My lessons learnt: You can never be too cautious and don’t get rid of your credit card.?