A user on TikTok has gone viral after claiming someone tried an innovative method to have her reveal her bank details.
In a video with over 1.8 million views, TikTok user @loveliestlemon recounts the experience while warning viewers of potential red flags to look out for if they are suspicious of fraud.
“I’m not gonna lie, they almost had me in the first half,” the TikToker says.
@loveliestlemon #stitch with @alexiznwndrlnd #scam #spoofing #bankscam #fraud #staysafe ♬ original sound – Lovely Lemon
According to @loveliestlemon, she got a call from her bank’s phone number at around 9pm on a Friday night informing her there had been suspicious activity on her account. The TikToker lists the odd timing as the first red flag.
The creator says the caller then listed some charges that the TikToker did not make; the TikToker confirmed that the charges were not made by her.
The caller also allegedly stated and confirmed the TikToker’s name and address, which the TikToker had not provided.
After confirming the charges were fraudulent, the TikToker says the caller claimed they were going to send a new card in the mail. They allegedly also informed her that they would be sending her a confirmation number with a link via text message in 24 hours — something the TikToker marks as another red flag and a sign that she may be talking to a scammer.
Following this, the caller attempted to socially engineer the TikToker into confirming whether they had an iPhone 6, she says — the TikToker says she avoided the question and labeled it a red flag.
“Why would a bank need to know what kind of phone I had?” she asks.
It’s unclear what the purpose of this question is, but it’s possible that the caller was attempting to exploit a security vulnerability with the iPhone 6 that was recently discovered and patched. This vulnerability allowed “malicious websites to craft content, including PDFs and apps designed to execute unchecked code on your phone if you open it on Safari, Chrome, or another web browser,” per Digital Trends. The vulnerability was resolved in a software update in August of last year.
The caller then asked for the username for the TikToker’s bank account — another question she says she avoided and marked as a red flag.
Eventually, the TikToker says she got sick of stringing along the scammer and told him that she was simply going to call the bank back the following day. At this point, she claims the scammer got agitated and tried to keep her on the line — yet another red flag. The TikToker says she simply hung up.
The following day, she says she called the bank and confirmed that there was, in fact, no suspicious activity on her account and the caller had simply spoofed the bank’s phone number.
In the comments section, TikTokers offered more advice on how to prevent scams.
“Always hang up and call your bank back personally,” a user wrote.
“Be VERY wary of a text with a code,” a second noted. “They could be trying to access your account online and you’re giving them the code for two factor authentication.”
“Most cards can be locked through a mobile app,” stated a third. “Very useful tool, hell I keep mine locked until I use them.”
However, some noted that their current behavior makes them mostly immune from this kind of scam.
As one user put it, “First off I don’t answer phone calls. So I’m good lol.”
We’ve reached out to @loveliestlemon via TikTok comment.