1) "Hi, this is your bank. There was an attempt to use your card in Miami, Florida. Was this you?"
Me: <gives member number> (that number, by itself, is useless).
~ Gets verification pin text from bank's regular number ~
Me: <reads out the pin>
Me: Yes. These are all legitimate transactions I made
Me: Are you effing kidding me, no way.
Me: that is bs.
~ hangs up, calls the fraud department of bank ~
--> They used this to gain access to the account.
--> Then read some of my transactions to give the call more credibility
--> Everything before the "what is your pin" seemed totally legitimate. English was perfect. The bank verification code, sent by the expected number, tricked me.
--> The asking for my pin over the phone... not so much.
And now... joyfully resetting all my passwords, filing a police report, getting additional fraud detection in place.
Never a dull moment!