Various forms of social engineering fraud, including notifications to customers alleging unauthorized use or hacking of their credit cards, are on the rise. Scammers are using different methods to deceive people in the name of BCA. Previously, they would call potential victims and pretend to be BCA Customer Service. Now, scammers are also sending emails that appear to be from an official BCA email account!
Chronology of Fraud
The following is the chronology of the fraud.
1. Impersonating BCA
The scammer impersonates BCA by creating an email with a profile that looks official, and an account name that closely resembles a BCA email address.
2. Providing Suspicious Transaction Information
The scammer, pretending to be BCA Customer Service, sends an email explaining that the customer’s credit card has been misused. If you receive a notification of a credit card transaction that you didn’t make, it’s important to immediately dispute or block the card. Victims may panic when reading the email, and if they’re not careful, they could be deceived by the information provided.
3. Pretending Not to Ask for Personal Data
The scammer advises the victim to dispute or block the card and provides a link to do so in the email, in an attempt to avoid suspicion.
4. Asking to Block Yourself Through the Link
Through the email, the scammer asks the victim to block the card themselves using a link that, if clicked, leads to a fake form resembling the official BCA website.
The victim is prompted to enter their credit card data, including the credit card number, expiration date, and CVV code found on the back of the credit card.
In the next step, the victim is asked to enter the OTP code sent to their mobile phone, paste it to the box provided, and the click the SEND button.
Instead, the scammer obtains the OTP code, which is meant to be confidential, ultimately breaching the victim’s credit card!
Tips to Avoid Fraud
Here are some tips to avoid fraud.
1. Don’t Panic
The information about a suspicious transaction on the credit card is a social engineering technique used to make the victim panic and easily follow the scammer’s instruction. It’s important to stay calm when dealing with incidents like this.
2. Recognize BCA Official Email
Pay attention to the sender’s email account, which is usually similar to the official BCA email or is masked.
The official BCA email has a suffix such as @bca.co.id or @klikbca.com.
If in doubt, contact Halo BCA at 1500888 or via the haloBCA application to confirm the authenticity of the email received.
3. Don’t Just Click Any Link
Fake emails often contain links that ask victims to provide personal data.
BCA Customer Service never asks for personal data through any means, including links.
If you encounter such a situation, ignore the email and refrain from clicking any provided links.
4. Blocking through BCA’s Official Channel
If you want to block your credit card, please do so through official channels, such as the myBCA app or BCA mobile.
You can also contact Halo BCA at 1500888 or use the haloBCA application to blcock your credit card.
5. Always Keep Your Data Safe
It’s crucial to always safeguard your personal banking and credit card information. Do not share it with anyone to prevent misuse by unauthorized individuals.
Always keep your banking data confidential such as card number, PIN, CVV/CVC, OTP code, etc. If you have been scammed, immediately contact Halo BCA di 1500888.
Share this information with others to help protect them from this type of fraud.
You can also check the related article here. Sharing this information can help others protect themselves from this kind of scam.