Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iPad Ordered iPad from BestBuy and got scam mail from bank

ctjack

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
Hello and thanks for reading this.

I've ordered Ipad 7th gen on May 6. But payment didn't go through due to limits so i have used credit card of PNC bank. It went through and everything was ok. After 40 minutes as i paid with credit card on the website of BestBuy, I have received phishing email.

E-mail came from NoReply@pnc.com (i know could be fake header) and it was stating that they observed fraudulent activity with my card, so i have to go by URL to allow it or nor. But URL stated that it is not possible due to server load and plz call us at number below. When i called them, they were pretty legit except asking for my credit card number, security questions from banking (not mine but they tried to guess popular questions) and cvv code on the back.
Screen Shot 2020-05-12 at 16.02.42.png
The only thing that bothers me that i didn't use my laptop that evening and only visited Best Buy website to update payment options.
I guess they somehow got access to my Best Buy account information, that is how they took last 4 numbers of my card, amount paid and etc.
Looks like BestBuys payment processing is not compromised, but someone can see what you ordered, how much paid/email address/4 digits of your card right away from Best Buy servers to apply scam and phishing?
 
ctjack

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
AutomaticApple said:
Are you sure that you purchased that iPad from the real BestBuy website?
Click to expand...
Yeah, it is https and i can log in to my account. Also set up 2-FA. It is real web site.
sparksd said:
Google 855-866-6950 and you'll see you aren't alone.
Click to expand...
That is what i made in 1st place. But those people don't know how they got compromised and they got fake emails stating purchase without purchases. So they were just regular phishing and mine was targeted with specific information like card ending number, Name Last name, amount and biller.
So only my bank and best buy knows this information.
 
S

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
ctjack said:
Yeah, it is https and i can log in to my account. Also set up 2-FA. It is real web site.

That is what i made in 1st place. But those people don't know how they got compromised and they got fake emails stating purchase without purchases. So they were just regular phishing and mine was targeted with specific information like card ending number, Name Last name, amount and biller.
So only my bank and best buy knows this information.
Click to expand...

Contact PNC with the specifics, making clear that you're not just making a report but that you'd like feedback from them on how this transpired. You should also contact Best Buy with the same.
[automerge]1589319356[/automerge]
DeltaMac said:
If you have some question about PNC Bank, and your account, call PNC bank. Don't use some random email phone number. (That number on your email is NOT PNC Bank.)
Click to expand...

Yeah, never use any phone # out of an email - go to the web site and make sure you have a valid one. And don't respond to the email, letting them know that they have a hit.
 
  • Like
Reactions: AutomaticApple, muzzy996, ctjack and 1 other person
ctjack

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
sparksd said:
Contact PNC with the specifics, making clear that you're not just making a report but that you'd like feedback from them on how this transpired. You should also contact Best Buy with the same.
Click to expand...
I have dealt with PNC's real Fraud Protection department, sent them scam e-mail and all info for their investigation. Currently waiting for an answer.
Thanks for an idea with Best Buy, i will try to contact them also.
=================
I am just interested how that happened? Or could be the case that i went with button "get this deal" on slickdeals, which used redirect to Best Buy's website with an iPad? Could be cookies lost during that?
 
  • Like
Reactions: sparksd
S

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
ctjack said:
I have dealt with PNC's real Fraud Protection department, sent them scam e-mail and all info for their investigation. Currently waiting for an answer.
Thanks for an idea with Best Buy, i will try to contact them also.
=================
I am just interested how that happened? Or could be the case that i went with button "get this deal" on slickdeals, which used redirect to Best Buy's website with an iPad? Could be cookies lost during that?
Click to expand...

Report back on what you find out. I've ordered online from Best Buy myself without an issue but it would be nice to know about a possible hole. Good luck.
 
  • Like
Reactions: ctjack
ctjack

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
sparksd said:
Report back on what you find out. I've ordered online from Best Buy myself without an issue but it would be nice to know about a possible hole. Good luck.
Click to expand...
Sure i will keep you informed in this thread.
Overall i am happy that i didn't save my payment options at BB website. It will be easier for me to type in digits every time.

Also i am aware of Starbucks scam, when you link credit/debit card to your starbucks account, fraud can take an access to your account without changing passwords. So nobody will seek for 20-50 dollars used at starbucks, if one is consuming it a lot in a month. And even if you delete cc card from starbucks account, scammer still can withdraw money from cc card to starbucks account. Only closing the card helps. So this is really scary, since it is 2020 and this kind of holes are not closed.
 
S

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
ctjack said:
Sure i will keep you informed in this thread.
Overall i am happy that i didn't save my payment options at BB website. It will be easier for me to type in digits every time.

Also i am aware of Starbucks scam, when you link credit/debit card to your starbucks account, fraud can take an access to your account without changing passwords. So nobody will seek for 20-50 dollars used at starbucks, if one is consuming it a lot in a month. And even if you delete cc card from starbucks account, scammer still can withdraw money from cc card to starbucks account. Only closing the card helps. So this is really scary, since it is 2020 and this kind of holes are not closed.
Click to expand...

Yeah, we look at at our credit card charges on the bank's website every day, making sure that something doesn't sneak through. And our bank is really good on calling on questionable charges.
 
chrfr

chrfr

macrumors G5
Jul 11, 2009
13,703
7,269
This doesn’t seem like a scam email to me. I’ve gotten notifications from my bank before if I’ve made purchases they didn’t expect. I’d suggest calling the main number listed on their actual website, rather than the one in the email, and ask them to verify.
 
S

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
chrfr said:
This doesn’t seem like a scam email to me. I’ve gotten notifications from my bank before if I’ve made purchases they didn’t expect. I’d suggest calling the main number listed on their actual website, rather than the one in the email, and ask them to verify.
Click to expand...

The phone number in the email has been linked to a scam - it's a fraud.
 
arn

arn

macrumors god
Staff member
Apr 9, 2001
16,391
5,831
Do you have any Extensions installed on Chrome?

Extensions have a lot of access. And even previously legit extensions can be sold by their owners and become security risks.

arn
 
chrfr

chrfr

macrumors G5
Jul 11, 2009
13,703
7,269
sparksd said:
The phone number in the email has been linked to a scam - it's a fraud.
Click to expand...
It isn't necessarily. Banks don't publicize fraud department numbers. If it's a fraud, the fraudster would have had to have gotten access to the OP's bank account, so as I said, the OP needs to call their bank to verify, and should do so immediately.
 
S

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
chrfr said:
It isn't necessarily. Banks don't publicize fraud department numbers. If it's a fraud, the fraudster would have had to have gotten access to the OP's bank account, so as I said, the OP needs to call their bank to verify, and should do so immediately.
Click to expand...

Like I said in my post above, Google 855-866-6950, the number in the email.
 
chrfr

chrfr

macrumors G5
Jul 11, 2009
13,703
7,269
sparksd said:
Like I said in my post above, Google 855-866-6950, the number in the email.
Click to expand...
I did. I saw several responses which said it actually was PNC's fraud department, and several that said it's not. It's not conclusive either way.
 
  • Like
Reactions: compwiz1202
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom