Beware: Greatest Social Media Scam Ever

Credit Card Theft
Originally uploaded by Don Hankins

I think I’ve uncovered one of the greatest potential social media scams out there today. I don’t think I’m being irresponsible in writing this post, because I don’t think I’m so brilliant that I’m the only one that thought of it. I want businesses to be aware of how their customers could be scammed by impostors and social media users and customers to be on alert for rogue callers.

Like many of you, I use Twitter and Facebook as a way to interact with various brands. When all else fails, a good blog post or a well crafted tweet gets the job done in the world of customer service. You can get contact information from the company and usually speak to someone in the President’s office. It is an awesome way to cut through red tape. Locally, Sunflower Broadband does a very good job with this and nationally I’ve had great success with AT&T.

Recently I faced a roadblock with my Citibank account. They were flagging charges as “suspect” and forcing me to call them to authorize the purchase over the past few months. This was frustrating, annoying and downright embarrassing. Apparently (and you’ll love this) they flagged my new iMac as an unusual purchase. Really, Me, a Mac? Talk about a flawed system. I’ve been written up in CNN and I’m a professional writer for TheAppleBlog. My first Citibank credit card was the Citibank Apple CardThat’s a bit overprotective in the fraud department and it concerned me because the only items being flagged recently were computer related purchases.

After much fighting, I was told I was not qualified for “customer retention” and the rep cancelled my card because I said “If we can’t get this resolved, then I may need to close the account.” The representative went ahead and did just that without my permission and then refused to reverse her actions. Apparently because I pay my bills in full each month and on time, I’m not “revenue generating.” I wasn’t supposed to know this. To say I was annoyed was putting it mildly. I digress, but it’s important you know the background.

Back to the scam. I start tweeting with my @davegreenbaum and my @calldrdave account that I’m frustrated with Citibank (@askciti) and I went them to contact me. As stated, this usually results in top customer service. After half a day without a response (Twitter responses are usually very quick), I get a message to give them a phone number to call me. They said to be sure not to send them account numbers and passwords. That’s a good reminder and I appreciated it.

After several days without a response, I got a call from someone claiming to be Citibank. Caller ID didn’t show Citibank because I was on the cell phone, but often times calls like this show up as restricted. Caller ID can easily be forged. The gentleman was polite and claimed to be from Citibank’s customer service team. He asked for my account number.

This raised a red flag It is normally a bad idea to give out sensitive information to someone who has called me. Standard rule is I call the customer service department. I don’t give out account numbers to callers. I don’t know who they are and I did not initiate the call. The rep was aghast. He indicated I tweeted to them so I initiated the call. This is not really true since Twitter is public. My request to him was simple: I want to call the number on the back of my credit card and then be transferred to him. That’s a standard rule to prevent scams and is how to avoid phishing attempts. Don’t follow the link: call or go to the website directly. The rep couldn’t do that; amazingly there was no easy way to be transferred. After a series of phone calls and transfers, and 45 minutes I finally got to the caller. Citibank had no method in place to somehow validate its social media team through its main phone number.

When I deal with companies like AT&T and Sunflower Broadband, the social media reps allowed me to call the main number and get to the right person. AT&T’s social media team are usually in the Executive offices so they are easy to reach. The Citibank people never did quite get why I refused to give my account number and apparently have never had that request.

So here is the scam:

Everyone saw my tweet and anyone could be claiming to be from Citibank (or AT&T or Comcast or a myriad of other brands). They can ask for my account number without the ability to confirm the caller. How many people might fall for that? Way too many. Tweet something about a company you don’t like and either change the caller ID or block the number and say “Hi I’m from the social media team at [brand]. I want to get this issue resolved for you ASAP, I just need your account number.” How would they get your phone number? Google or various other places. It’s not that hard today.

Therefore scammers: the gig is up. People are on notice. Consumers: always be careful about anyone contacting you requesting private or confidential information and remember that social media requests are no exception. Call the main number and ask for the person. Don’t assume because they have your phone number and know things about your that they are legit since with a bit of research and some social engineering, a scammer could sound very legitimate with information about you.

Social media is a powerful tool to let the little guy (or gal) make her or his voice heard and get good customer service. Don’t be scared to use these tools but be safe and don’t give out sensitive information without confirming the identity of the person on the other end of the phone.

P.S. In spite of all I went through to speak with the Citibank Social Media rep, he was extraordinarily unhelpful. He wouldn’t even explain what Citibank’s customer retention program is or even acknowledge they have such a program. I went online and applied for a Chase credit card for my business and hope they don’t think it’s weird I bought a new iMac. Citibank lost me as a customer not just because of the initial flagging of the purchase without a way of preventing it from continuously happening, but also because of their wanton disregard of the privacy of my account and inability to reach the social media team through established channels.

Tags: , , , ,

4 Responses to "Beware: Greatest Social Media Scam Ever"

  • NNR says:
  • Nancy says:
  • Frankeliason says:
  • dgreenbaum says:
Leave a Comment

Copyright © DoctorDave Computer Repair in Lawrence Kansas |   intrepidity Theme by Top Blog Formula on WordPress |   Log In