6 Common Credit Card Scams in the Philippines [Facebook Stories]

I consider myself an advocate of responsible use of credit cards, and part of that responsibility is the security of these financial tools against fraud and scams.

It’s apparent that we don’t want to end up paying off debts that in the first place are not ours, but the trauma and trust issues among other psychological aftermaths are far more difficult to deal with.

So far, I haven’t fallen prey to these, something I am very thankful for, but I won’t wait for that to happen while I have my own means and measures of protection. One, for instance, is being aware of these scams and schemes.

Browsing through posts on a Facebook page for credit card users and applicants, which I am a follower, I came across another alarming, otherwise infuriating incident of credit card scam.

So I found myself searching for more of these until I got the idea of resharing the stories here for wider reach and public awareness.

Basic Credit Card Safety Measures

But before that, let me share first these basic safety measures for credit card safety:

• Do not disclose credit card details, particularly the CVV/CVC, PIN, and transaction’s OTP (your last walls of defense) to anybody else.
• Be suspicious about credit card offers and calls from regular prepaid mobile numbers.
• Use your credit card only in secure payment channels and avoid suspicious websites and apps.
• When paying using a physical card, never let it slip out of your sight.
• Check your online credit card account regularly and examine your monthly statements of account.
• Waste no time to report to the bank or issuer if you think your credit card safety is compromised.

6 Common Credit Card Scams in the Philippines (Plus Tips to Avoid)

[1] ‘Just Add Extra for Merienda’ Credit Card Express Delivery Scam. It is a petty scam in which the scammer makes a phone call or sends a chat message informing the prospect that the latter’s credit card application just got approved, and that it comes with an impressive credit limit.

Having convinced the prospect of the pandemic restrictions, residential address issues, or whatsoever, the scammer then offers a personal arrangement for express delivery via same-day couriers such as Lalamove or GrabExpress in exchange for minimal delivery and extra service (just for merienda or snacks) fees.

After giving in and sending these fees, the prospect, now a victim, gets suddenly blocked.

To avoid this, remember that banks and credit card issuers have their official partner couriers for card deliveries that are entirely free of charge.

Should there be any changes in the delivery address, the consignee (receiver) must arrange it with the bank’s customer service representative as these couriers are normally not allowed to decide on this matter despite the consignee’s insistent request.

[2] ‘It’s Now or Never’ Card Upgrade Scam. Out of the blue, the credit cardholder receives a call from an alleged customer service representative of the card-issuing bank. Still a riddle, this scammer knows everything about the client, even the credit card account details.

After the typical client verification, the scammer then offers the ‘it’s now or never’ card upgrade, usually to a platinum card, or something related to its security chips, sometimes even comes with gift certificates.

In some instances, a courier service to pick up the card is then arranged after the call. As the courier arrives, an envelope, which can never be doubted as fake as it appears exactly as the bank’s official, is handed for the victim to surrender and place the card.

Once it’s done, the scammer can freely use the card if not immediately reported. In other instances, a three-digit card verification value/code (CVV/CVC) number at the back of the card is simply asked from the unsuspicious victim, sometimes calling it just a typical serial or queue number.

To avoid this and as banks warn, do not ever surrender your card nor disclose the details unless to a ‘completely’ verified and trusted bank personnel. Your credit card’s CVV/CVC, PIN, and transaction’s OTP should never ever be disclosed to anyone else.

Equally worth mentioning, you should be at the height of suspicion if the caller is calling from a regular mobile number and not the bank’s official landline.

[3] ‘Let Me Double-Check the OTP’ Scam. It is disguised first as a credit card upgrade offer with all the promised points and vouchers or an inquiry whether the upgraded card has already been received.

Then, as the cardholder gets curious and gives in, the scammer discusses some technical stuff for the online account update or migration. Username and last four digits of the card, typically excluding the password for lesser suspicion, are then asked.

The scammer also tells the victim that an OTP will be received, and this should be disclosed to the bank upon visit for the completion of the account update and the release of the upgraded card.

The scammer however insists that the OTP be dictated over the phone ahead of the visit for double-checking. As it happens smoothly, the scammer gets the chance to access the online account as the OTP is normally for the account password change.

To avoid this, remember not to disclose your transaction’s OTP to anyone else. Even the customer service representative will simply ask you upon identity verification to dial the OTP and not to dictate it over the phone.

Should you receive a call regarding account update or so, it’s always better to visit the servicing branch instead for in-person processing.

[4] ‘Fraudulent Transaction Alert’ Scam. It presses the red button when unexpectedly an alleged bank employee calls and claims that a fraudulent transaction with the victim’s credit card almost pushed through, however was successfully blocked and prevented.

Relieved, the victim is then encouraged to have the credit card replaced to avoid any further fraud.

As usual, the scammer does the identity verification over the phone and sneakily requests the victim to check and give the three-digit ‘queue’ number (that’s CVV/CVC) at the back of the card.

To avoid this, make sure that the caller is a legit bank representative and is calling from a bank’s official landline, not a regular mobile number. Again, you must not disclose that three-digit CVV/CVC at the back of your card.

[5] Annual Membership Fee Waiver and Higher Credit Limit Scams. Who doesn’t want an annual membership fee waived? The scammer, who pretends to be a bank representative, knows what every cardholder wants and exhausts all the social engineering approaches so to convince the prospect about qualifying for the waiver, sometimes even comes with a credit limit increase.

As psychology explains this, people make bad decisions when an emotion, such as excitement, becomes so strong that the higher-level thinking parts of the brain just shut down.

As the scam starts to succeed in this stage, a more aggressive approach follows, i.e., the excited prospect is then demanded to disclose credit card details such as in particular the CVV/CVC, card expiration date, and an OTP.

To avoid this, again do not disclose such sensitive credit card details such as the card expiry date, CVV/CVC, PIN, and OTP.

Also, it is uncommon for banks to initiate an annual membership fee waiver, as in most cases, it’s the cardholders who make such a request by contacting the customer service and sensitive card details as mentioned are not even required for the transaction.

[6] SIM Swap Scam. You might have read about the unauthorized million-peso withdrawal from a credit card of a certain wife of Megawide Construction’s director and executive.

It’s a targeted SIM swap scam where scammers allegedly planned the virtual account takeover which might have begun with slow burn gathering of personal details through phishing and other means.

It goes this way — the unknown caller, or the scammer, calls and introduces himself as the head of an international courier company, DHL, or whatsoever.

Puzzled about the parcel delivery being discussed over the phone, the victim is asked to hold the line while the tracking number of the parcel is allegedly verified. As the call is dropped, the telco signal is also lost, hence the phone number gets deactivated.

Unknown to the victim, an impostor already goes to the telco service center and requests the suspension of the line while presenting fake identification cards.

With this, further calls and text messages intended to the victim are directed to the scammer’s device which then gives the latter an access to the victim’s digital accounts linked to the SIM.

Aside from the suddenly deactivated phone number, another red flag is when a stranger asks you to turn off your phone. It means that the scam is in progress.

While this is a technically sophisticated scam, the telco companies forewarn about personal information being shared on social media or elsewhere.

It is further emphasized to use strong and unique passwords, and add extra layers of security whenever available, to the digital accounts.

Eek! The technical skills and social engineering of these scammers have gone sophisticated. While credit card security features and all the government efforts are catching up, credit card users being at the frontline must take a fair share of responsibility in the prevention and suppression.

Sim Card Registration Act

Now, let’s see if these credit card fraud and scams will still proliferate in the coming months and years with the implementation of the Republic Act No. 11934, or the SIM Card Registration Act.

It aims primarily to provide accountability for those using SIM cards and aid law enforcement in tracking perpetrators of crimes committed through phones. That explains what makes it less controversial, but the public still have their divided opinions on this.

It is also seen as one way to boost government initiatives against scams perpetrated through text and online messages, which have become more prevalent in recent years.