Writing to alert the community about a fraud attempt that might have happened due to data leak at OneCard.
Recently, I was targeted for cyber fraud and the scamsters had all details about my OneCard including my OneCard number, add on card details, Address etc. The volume of information these scamster had is scary and it looks like this was part of a data leak. As far as I recall I have never used my cards (primary + add ons) at the same merchant to be leaked from the merchant source nor is it easy to identify that these belong to the same card family as all the users have different surnames. The scamster had carried out similar operations in the past as the number had its record in TrueCaller (refer image).
Modus Operandi -
The call was in context of me consenting to change my OneCard provider to BOB financial and requesting the same to be verified with selfie. When confronted that I did not request any of these, they revealed that this is relation to your OneCard no. xx and your address xxx etc. They sounded very professional (even better than OneCard's actual customer care). While on call, I check for truecaller and was confirmed its a scam, I had disconnected the call. Next morning I got an unwarranted OTP from Dream11 exactly the way the gentleman has narrated in truecaller.
I have proactively disabled my cards and reached out to customer care but we all know about their non-existent customer service... This is how it went:
There is no resolution from OneCard's end rather they keep on asking the details of the fraudulent transaction. I was able to dodge the bullet so its business as usual for them and for them to issue a replacement card its 3000+GST for the metal variant.
Can any one help with their escalation matrix?
Recently, I was targeted for cyber fraud and the scamsters had all details about my OneCard including my OneCard number, add on card details, Address etc. The volume of information these scamster had is scary and it looks like this was part of a data leak. As far as I recall I have never used my cards (primary + add ons) at the same merchant to be leaked from the merchant source nor is it easy to identify that these belong to the same card family as all the users have different surnames. The scamster had carried out similar operations in the past as the number had its record in TrueCaller (refer image).
Modus Operandi -
The call was in context of me consenting to change my OneCard provider to BOB financial and requesting the same to be verified with selfie. When confronted that I did not request any of these, they revealed that this is relation to your OneCard no. xx and your address xxx etc. They sounded very professional (even better than OneCard's actual customer care). While on call, I check for truecaller and was confirmed its a scam, I had disconnected the call. Next morning I got an unwarranted OTP from Dream11 exactly the way the gentleman has narrated in truecaller.
I have proactively disabled my cards and reached out to customer care but we all know about their non-existent customer service... This is how it went:
- Chat - I could not block my card through chat as the bot could not understand any request.
- Call - Usually, the fraud & lost card selection followed by other details but OneCard had it as a normal option and takes time to reach the block card option. Once reached, I did not receive the OTP to block it.
- Email - Team takes 24-48 hours to respond. Emails are usually responded to over phone calls where the caller asks for my personal details like email & date of birth on the registered number. I denied sharing these as they can be pretending. The response on email after the long wait is very generic.
There is no resolution from OneCard's end rather they keep on asking the details of the fraudulent transaction. I was able to dodge the bullet so its business as usual for them and for them to issue a replacement card its 3000+GST for the metal variant.
Can any one help with their escalation matrix?
Attachments
