• @jqubed
    link
    English
    2702 months ago

    Are you sure this isn’t a scam?

  • @indomara
    link
    English
    2422 months ago

    That is a scam, they probably send mass texts linked to tracking numbers that have a registered phone number.

    • @[email protected]
      link
      fedilink
      English
      502 months ago

      I remember one of the funnier scams.

      They said they were from USPS, and in order to finish shipping, they needed me to pay the tariff.

      It didn’t have anything about me. No login. No address. No tracking number. It just wanted me to hit that pay now button.

      But even then, why would I pay a tariff for something I didn’t order?

      • @[email protected]
        link
        fedilink
        English
        432 months ago

        They didn’t send it just to you. They sent it to millions. If even one person happened to order something internationally and be stupid, it’s already worth it.

      • @[email protected]
        link
        fedilink
        English
        112 months ago

        For a while (and still every so often), I received fake texts from delivery companies, but they always referred to me as “There”. “There, we tried to deliver your package…”, “There, your package may be returned if you don’t click this link…”. I was curious what I typed in and where that they recorded my name as “There”.

      • @Viking_Hippie
        link
        English
        82 months ago

        I get that once in a while here in Denmark too, only replace USPS with PostNord, sometimes DHL or GLS

      • @Buddahriffic
        link
        English
        62 months ago

        And this is one of the ways to filter random scams. If a legitimate business or public entity is reaching out to contact you about an issue you need to deal with, they will know some identifying information about you. Especially the ones claiming that there’s a warrant (or will be). If that was the case, they would definitely know your name and other specific details.

        That said, there are targeted scams, too, so don’t assume that if someone can tell you your name that they are legit. Ask them for a callback number (don’t call it, ask because they might be dumb enough to give you a number linked to them that you could pass on to investigators), then hang up and call the number you looked up online.

        • @hexdream
          link
          English
          42 months ago

          Be careful looking up numbers online as well. There are lots of fake numbers and sites out there. Use previous known good communication as your guide for contacting the specific entity you are trying to contact. If at all possible. Also, smammers seem to have databases of scraped and leaked data so will often pull up your data based on your caller ID or other info you may disclose to them. Be careful out there.

    • @[email protected]
      link
      fedilink
      English
      62 months ago

      Don’t even need an associated list, just a random list of phone numbers. People online shop enough.

      • @grandkaiser
        link
        English
        9
        edit-2
        2 months ago

        Banking network engineer here: Never give out your login details. Not to your mom. Not to your brother. Not to me. Not to a company. Not to a random guy in India. Don’t do it.

          • @grandkaiser
            link
            English
            22 months ago

            lol whoops. I do like the idea of that tho.

        • Possibly linux
          link
          fedilink
          English
          22 months ago

          Agreed. However, there are services that login on your behalf. It is incredibly dumb but they exist.

          Just to be entirely clear, DO NOT GIVE THEM YOUR LOGIN

          • @grandkaiser
            link
            English
            62 months ago

            Partners are the stupidest fuckers on the planet. I won’t name names, but I have sicced my governance team on fucking http (NO S) websites, usage of certificate pinning, public-facing databases! (Protected by a shitty 2000’s-era username+password login interface) transferring credit card numbers in CLEAR TEXT. I swear I’ve seen every possible idiotic move from partners.

  • @[email protected]
    link
    fedilink
    English
    2102 months ago

    Ask them for their bank login details so you can deposit the money directly into their account.

  • magnetosphere
    link
    fedilink
    1292 months ago

    I would be completely astonished if this was legit. If you’ve already filled out the form, change you banking password and contact your bank immediately.

  • @Burn_The_Right
    link
    English
    106
    edit-2
    2 months ago

    It’s probably against your bank’s TOS to give your password to a 3rd party. No way this is legit. Run away.

    • @hexdream
      link
      English
      92 months ago

      My understanding is that should you disclose your credentials you would generally void any fraud protection the banks may offer.

    • Possibly linux
      link
      fedilink
      English
      -22 months ago

      It probably is. Its for convenience reasons. They pull up your bank page in the background and automatic login and parse the page.

      It is incredibly dumb and I would strongly advise against it

      • Echo Dot
        link
        fedilink
        English
        22 months ago

        Why would you need to give them your login details why couldn’t you just sign into your bank account yourself? You still have to provide the details either way so it’s not convenient.

      • topher
        link
        fedilink
        English
        242 months ago

        🎶 Ooh baby don’t you know I suffer Oh baby when you phished my bank You sent me to a dodgy website Using a convincing link

        Ooooooh-ooooh You drained my bank account Ooooooh-ooooh You drained my bank account🎶

  • @1luv8008135
    link
    English
    492 months ago

    Google seems to suggest they’re some sort of fintech company out of South Africa? Either way if that’s their product then I’d run a mile in the other direction, and then another just be sure.

    • topher
      link
      fedilink
      English
      112 months ago

      Yeah no. Plaid is one thing but giving access to your bank login to pay an invoice is something quite another. If it’s legit they can accept a card payment, or send you to a PayPal invoice.

    • @tourist
      link
      English
      9
      edit-2
      2 months ago

      Yep. They’ve been around for years.

      Normally you would just give them your card info like any other online pay site like PayPal etc. but I don’t know why they suddenly decided to give everyone at the company a deluxe lobotomy

      I saw this shit yesterday when I was trying to buy a weed cart online (still not sure if it’s legal or not. I still hear stories of those moron cops arresting people for “drug possession” i.e. didn’t pay a bribe)

      Noped out and just gave the clearnet grey market drug website virtual card info that’s gonna expire in a few hours anyway

  • no banana
    link
    English
    462 months ago

    Well that’s a scam

  • @Treczoks
    link
    English
    432 months ago

    Don’t. And report them to your bank.

  • Possibly linux
    link
    fedilink
    English
    392 months ago

    I’ve seen this in a few places

    Just to be clear, the answer is absolutely NO.

  • @anarchyrabbit
    link
    English
    332 months ago

    Seen the same thing with other third party payment systems in south africa. Run away my dude.

    • @hexdream
      link
      English
      42 months ago

      As a fellow saffer, and a person who works with scam victims, I’m curious as to what services asked you to do that? Feel free to pm me.

    • @[email protected]
      link
      fedilink
      English
      12 months ago

      This kind of stuff got legalised in Germany: Banks said that e.g. Sofortüberweisung was instigating their customers to break their TOS and should be shut down, anti-trust then said “nuh-uh you can’t just shut down legitimate business” (Sofort is indeed legitimate) and instead put third-party systems under banking regulations, and required ordinary banks to have APIs allowing third parties do do sensible things.

      …which theoretically could mean that you’re sent to your actual bank to authorise and thus getting rid of the normalising phishing problem, dunno, haven’t checked I’m boycotting them out of principle for going down that route in the first place. Don’t serve any purpose now that we have real-time transfers, anyway.

  • @[email protected]
    link
    fedilink
    English
    312 months ago

    Make sure you email them your mothers maiden name and date of birth too, just to be safe it goes through