Almost caught a phish

This morning I tackled the task of opening Tom’s mail. I was surprised to see that he’d gotten a Delta American Express card, since he already has two AmEx cards. Then I opened a letter from American Express informing him that his email address of record had been changed. I didn’t recognize that email address.

There was also a letter from Barclaycard, saying that they received his application for a Visa card with Apple rewards  but they needed to verify some things. Seems possible that he might have applied for that card. But I took both those letters to him at the hospital.

He said he hadn’t applied for either of those credit cards. I was very alarmed and I called AmEx, using the number on the back of my own AmEx card.

I had to confirm his identity, and the representative then told me that the new Delta card was the one with the fake email address being added. They said he could report it as fraud so that it wouldn’t hurt his credit rating.

In order to process the fraud claim, they had to talk to Tom himself. Figuring it would be short, I handed the phone to him. It was only a couple of minutes, but the representative was talking really fast, then transferred Tom to another rep who talked even faster.  It overwhelmed him.

Seeing the look on his face gave me a flashback to my own recovery when phone calls would completely shut down my brain.

So when I called Barclaycard, I was determined not to put Tom through that again. Before I called the 866 number in the letter, I reminded myself that I should not give them any additional information  in case it was a phishing scam.

The call went through fairly quickly and it was identified as the fraud department. The representative was very professional and asked the same questions as the AmEx person had.  So when he asked for Tom’s date of birth and the last four digits of his Social Security number, I rattled them off without thinking.

They said that they would mark his application as declined, and when they could talk to him they would mark this as confirmed fraud.

After I came back to the room, I suddenly thought again of not knowing that this number in the letter was legit. I did a quick search online and saw people complaining that this 866 phone number was a scam number.

I started to cry. I told him, “Honey I’m so sorry, I think I just did something really stupid.”

He was not happy. But he didn’t yell at me. He just looked so tired.

I looked up online how you are supposed to report identity theft. It’s handled by the Federal Communications Commission, but they have a separate website, At least you know that .gov domains are always legitimate.

I got the info and filed the form, which was converted to an affidavit. I also called Equifax to put a fraud alert on his credit file.

Tom and I went outside and tried to enjoy just breathing in the green leaves, the bark, the flowers, and the summer air. I asked, “Do you still love me?” and he said, “Yes!” He seemed to really mean it.

When I was back at the condo, I searched on the 866 phone number again. This time I noticed that some people said it was a legit number.

I looked up Barclay’s website and called their phone number. The customer rep seemed confused and said he could not locate Tom’s application. He also asked me for Tom’s full Social Security number.

Um, NO. I had to explain to him that Tom has had his identity stolen and so why on earth would I give a total stranger his full Social Security number?

I asked him whether the 866 number that I had called was legitimate. I had to ask him twice, and he said he didn’t know. He put me on hold. I was on hold for more than 20 minutes and I was literally just about to hang up when he came back on the line and connected me to a woman in Customer Security.

Oh my God, thank God, she confirmed that the 866 number was legitimate, that it belongs to Barclay’s security department.

I was so relieved. I texted Tom and told him that it was OK, I hadn’t given away his personal information.

The whole thing makes you realize though how vulnerable you are. We give away our information all day long when we trust someone at the other end of the phone.

I may be stupid. But at least I’m lucky.

Today’s penny is a 1998, the year that identity theft became a federal crime.

1998 July 23

4 thoughts on “Almost caught a phish”

  1. Yep, that always scares the crap out of me. I have (knock on wood) been REALLY luck in that respect.

    1. Good job sis! I hate it that I feel like I always have to be on guard but it’s just the way it is.

Comments are closed.