This morning, I received a call from someone who identified herself as being from the MBNA credit card corporation. She said that there had been unauthorized changes of address on my account by someone who had supplied a number of aspects of my identity in order to gain online access. According to her, my address had been changed to some place in Houston, and then I’d been charged $900 in fraudulent expenses by the people using their newfound access.
At no point in the call did I supply any new information about my identity to the person who said they were calling from MBNA. I only gave yes or no answers when the representative asked about who I was and where I was living now. In fact, I was very nervous that this “MBNA representative” might actually be a phisher, someone trying to trick me into giving away personal information. WHen I mentioned this, the “MBNA representative” clucked sympathetically, said I was being very wise and careful, and told me never to give such information over the phone to someone.
After speaking on the phone for about 10 more minutes, the “MBNA representative” told me that at no cost to me I could be registered for a program called ITAC at the Identity Theft Assistance Center. The ITAC program would put a notice on my account requiring calls be made to my home phone number to approve any credit application. This sounded like a great idea.
And so I was transferred to another operator who said she was with ITAC. This operator answered a few of my questions, and then transferred me to yet another operator who said she also with ITAC. This third operator then began to ask me some questions. First, did I agree to allow ITAC access to my credit report? I agreed. Second, did I agree to allow ITAC to share information with other companies and the federal government? Yellow alert! I got very caution and asked why this was necessary. The federal government collects statistics on identity theft, I was told, and those other companies included the very lenders with whom fraudsters might try to use my information, so they needed to be notified. At this point, I gave a very cautious and reluctant agreement. Then the operator asked for my full legal name. I gave it, thinking, “hey…” Right after that, I was asked for my date of birth. I didn’t give my date of birth, but instead asked what sort of information I’d be asked for next. “Oh, your street address, driver’s license number, last place of employment, social security number… we need this information to identify you correctly and offer the fullest protection.” Didn’t ITAC already have this information, I asked? “Well, we need to verify it for purposes of quality assurance.”
At this point, I declined, verbally withdrew my assent for the “ITAC representative” to access my credit report and share information with corporations, and politely hung up the phone.
Now I’m sitting here wondering. Were those people I talked to really from MBNA and ITAC, or were they phishers trying to get my personal information? Am I being paranoid, or was I being given the runaround? If I was just being paranoid and those were people from MBNA and ITAC who were really trying to help me, how would I know?
Eeeeeeeegh. Before I take any more steps (starting with a credit report), I’m going to take a few hours to think this all through. Whichever way this turns out, I’ve got one big case of the heebie jeebies.