Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
Hello and thanks for reading this.

I've ordered Ipad 7th gen on May 6. But payment didn't go through due to limits so i have used credit card of PNC bank. It went through and everything was ok. After 40 minutes as i paid with credit card on the website of BestBuy, I have received phishing email.

E-mail came from NoReply@pnc.com (i know could be fake header) and it was stating that they observed fraudulent activity with my card, so i have to go by URL to allow it or nor. But URL stated that it is not possible due to server load and plz call us at number below. When i called them, they were pretty legit except asking for my credit card number, security questions from banking (not mine but they tried to guess popular questions) and cvv code on the back.
Screen Shot 2020-05-12 at 16.02.42.png
The only thing that bothers me that i didn't use my laptop that evening and only visited Best Buy website to update payment options.
I guess they somehow got access to my Best Buy account information, that is how they took last 4 numbers of my card, amount paid and etc.
Looks like BestBuys payment processing is not compromised, but someone can see what you ordered, how much paid/email address/4 digits of your card right away from Best Buy servers to apply scam and phishing?
 

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
Are you sure that you purchased that iPad from the real BestBuy website?
Yeah, it is https and i can log in to my account. Also set up 2-FA. It is real web site.
Google 855-866-6950 and you'll see you aren't alone.
That is what i made in 1st place. But those people don't know how they got compromised and they got fake emails stating purchase without purchases. So they were just regular phishing and mine was targeted with specific information like card ending number, Name Last name, amount and biller.
So only my bank and best buy knows this information.
 

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
Yeah, it is https and i can log in to my account. Also set up 2-FA. It is real web site.

That is what i made in 1st place. But those people don't know how they got compromised and they got fake emails stating purchase without purchases. So they were just regular phishing and mine was targeted with specific information like card ending number, Name Last name, amount and biller.
So only my bank and best buy knows this information.

Contact PNC with the specifics, making clear that you're not just making a report but that you'd like feedback from them on how this transpired. You should also contact Best Buy with the same.
[automerge]1589319356[/automerge]
If you have some question about PNC Bank, and your account, call PNC bank. Don't use some random email phone number. (That number on your email is NOT PNC Bank.)

Yeah, never use any phone # out of an email - go to the web site and make sure you have a valid one. And don't respond to the email, letting them know that they have a hit.
 

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
Contact PNC with the specifics, making clear that you're not just making a report but that you'd like feedback from them on how this transpired. You should also contact Best Buy with the same.
I have dealt with PNC's real Fraud Protection department, sent them scam e-mail and all info for their investigation. Currently waiting for an answer.
Thanks for an idea with Best Buy, i will try to contact them also.
=================
I am just interested how that happened? Or could be the case that i went with button "get this deal" on slickdeals, which used redirect to Best Buy's website with an iPad? Could be cookies lost during that?
 
  • Like
Reactions: sparksd

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
I have dealt with PNC's real Fraud Protection department, sent them scam e-mail and all info for their investigation. Currently waiting for an answer.
Thanks for an idea with Best Buy, i will try to contact them also.
=================
I am just interested how that happened? Or could be the case that i went with button "get this deal" on slickdeals, which used redirect to Best Buy's website with an iPad? Could be cookies lost during that?

Report back on what you find out. I've ordered online from Best Buy myself without an issue but it would be nice to know about a possible hole. Good luck.
 
  • Like
Reactions: ctjack

ctjack

macrumors 68000
Original poster
Mar 8, 2020
1,534
1,551
Report back on what you find out. I've ordered online from Best Buy myself without an issue but it would be nice to know about a possible hole. Good luck.
Sure i will keep you informed in this thread.
Overall i am happy that i didn't save my payment options at BB website. It will be easier for me to type in digits every time.

Also i am aware of Starbucks scam, when you link credit/debit card to your starbucks account, fraud can take an access to your account without changing passwords. So nobody will seek for 20-50 dollars used at starbucks, if one is consuming it a lot in a month. And even if you delete cc card from starbucks account, scammer still can withdraw money from cc card to starbucks account. Only closing the card helps. So this is really scary, since it is 2020 and this kind of holes are not closed.
 

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
Sure i will keep you informed in this thread.
Overall i am happy that i didn't save my payment options at BB website. It will be easier for me to type in digits every time.

Also i am aware of Starbucks scam, when you link credit/debit card to your starbucks account, fraud can take an access to your account without changing passwords. So nobody will seek for 20-50 dollars used at starbucks, if one is consuming it a lot in a month. And even if you delete cc card from starbucks account, scammer still can withdraw money from cc card to starbucks account. Only closing the card helps. So this is really scary, since it is 2020 and this kind of holes are not closed.

Yeah, we look at at our credit card charges on the bank's website every day, making sure that something doesn't sneak through. And our bank is really good on calling on questionable charges.
 

chrfr

macrumors G5
Jul 11, 2009
13,703
7,269
This doesn’t seem like a scam email to me. I’ve gotten notifications from my bank before if I’ve made purchases they didn’t expect. I’d suggest calling the main number listed on their actual website, rather than the one in the email, and ask them to verify.
 

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
This doesn’t seem like a scam email to me. I’ve gotten notifications from my bank before if I’ve made purchases they didn’t expect. I’d suggest calling the main number listed on their actual website, rather than the one in the email, and ask them to verify.

The phone number in the email has been linked to a scam - it's a fraud.
 

arn

macrumors god
Staff member
Apr 9, 2001
16,391
5,831
Do you have any Extensions installed on Chrome?

Extensions have a lot of access. And even previously legit extensions can be sold by their owners and become security risks.

arn
 

chrfr

macrumors G5
Jul 11, 2009
13,703
7,269
The phone number in the email has been linked to a scam - it's a fraud.
It isn't necessarily. Banks don't publicize fraud department numbers. If it's a fraud, the fraudster would have had to have gotten access to the OP's bank account, so as I said, the OP needs to call their bank to verify, and should do so immediately.
 

sparksd

macrumors G3
Jun 7, 2015
9,967
34,052
Seattle WA
It isn't necessarily. Banks don't publicize fraud department numbers. If it's a fraud, the fraudster would have had to have gotten access to the OP's bank account, so as I said, the OP needs to call their bank to verify, and should do so immediately.

Like I said in my post above, Google 855-866-6950, the number in the email.
 

chrfr

macrumors G5
Jul 11, 2009
13,703
7,269
Like I said in my post above, Google 855-866-6950, the number in the email.
I did. I saw several responses which said it actually was PNC's fraud department, and several that said it's not. It's not conclusive either way.
 
  • Like
Reactions: compwiz1202
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.