RT @DigitalLawyer: --> Once I gave my member number, the attacker used the password reset flow to trigger a text message from the bank. --> They used this to gain access to the account. --> Then read some of my transactions to give the call more credibility [t]2019-10-10 17:41:51
RT @DigitalLawyer: --> Needed the pin to send money, failed at that step. --> Everything before the "what is your pin" seemed totally legitimate. English was perfect. The bank verification code, sent by the expected number, tricked me. --> The asking for my pin over the phone... not so much. [t]2019-10-10 17:41:52
RT @DigitalLawyer: Stay safe out there people.
And now... joyfully resetting all my passwords, filing a police report, getting additional fraud detection in place.