DoorDash ANZ OTP SMS Scam?

GenerallyClumsy on 24/06/2024 - 04:15

So, I received a perfectly worded OTP SMS from ANZ (see below). I didn't think anything of it and just assumed I'd lost my card until my partner received a similar message. She is much less careless with her cards, which makes me wonder if there is a broader scam going on. For example, a phishing attack on ANZ cardholders, priming them for a phone call pretending to be from ANZ.

Alternatively it's someone we both know has stolen our card numbers and needs the food. Maybe our card numbers were leaked in a large data breach.

My main reason for creating a post is ANZ can't confirm they sent the SMS and there were no attempted charges on my account.

From ANZ: Do not share this passcode with anyone, including ANZ staff. Xxxx is the one-time passcode for your online transaction amount of AUD 41.85* to DOORDASH.COM on your ANZ card ending 3433. If you didn't request this code, please call us immediately on 13 33 50 or +61 3 8699 6908 (overseas). *Excludes fees and charges (if applicable).

Financial

Related Stores

DoorDash
DoorDash
Marketplace

Comments

  • randomusername2017 on 24/06/2024 - 07:28
    +1

    ANZ card ending 3433

    Same on both SMS?

    Hard to see the scam given the contact details provided are for ANZ….

    • GenerallyClumsy on 24/06/2024 - 15:38

      Ending numbers valid and different for both of us.

      • randomusername2017 on 24/06/2024 - 15:50

        Bit of a worry… Matching cards and contact numbers, definite indication that something's compromised.

  • mynth on 24/06/2024 - 07:53
    +1

    TL;DR - Those are official contact numbers for ANZ, and you probably should reach out them.

    If in doubt, you should always try to independently find online any phone numbers, websites or contact email(s) you're required to follow up with. Phishing comes in many shapes and sizes, but characteristically often implies a confirmed, immediate threat. If a message gives you enough information to make you shit your dacks but not enough to do anything about it, you should always take the time to first make sure you trust any channels you're going to be dealing with.

    As an aside for this specifically, it holds that if this is a OTP to confirm a transaction that you wouldn't have any pending charges showing. Not sure why they couldn't tell you if they sent you a message (assuming by this point you'd verified you were the account holder). Baselessly speculating, it might be because of something along the lines of there being no legitimate situation in which you'd ever be required to share any code with support. Consequently, maybe there's a non-disclosure policy or no visibility given to support agents over this to circumvent future events in which people mistakenly 'remember' sharing sensitive details/confirmation codes in prior dealings.

    • Che0063 on 24/06/2024 - 09:42
      +1

      Please note, however, that it is very easy to spoof the sender of an SMS. Therefore, an SMS from a supposed valid number does not necessarily mean that the sender is the real one

  • RockyRaccoon on 24/06/2024 - 08:28
    +2

    I would contact them NOW on their official line.

    Its unlikely a scammer has the same card number ending that you have AND both users phone numbers. AND asking you to call a phone number that is the ANZ's number. Plus giving you a Onetime Pin number.

    There is no link to the "ANZ" website in the request, where this could be diverted so there would be not benefit to a scammer.

    The one time PIN number would be used only on the website the person who is trying to make the transaction. Who ever is doing this has your card details and probably the CVV code as well

    Have them reissue you with new cards

    BE SAFE not complacent.

    • richadam on 24/06/2024 - 10:13
      +1

      My main reason for creating a post is ANZ can't confirm they sent the SMS and there were no attempted charges on my account.

      Sounds like they have already contacted ANZ…

      • RockyRaccoon on 24/06/2024 - 20:37

        If it wasnt a message from ANZ, that didn't add up. I can only guess the person they spoke to at ANZ was wrong, which is a worry

        I see they have cancelled the cards so thats good.

  • askbargain on 24/06/2024 - 10:17

    They send SMS. You worry a bit. Scammer calls you asking about it. You think it's legit because the SMS looks legit.

    • GenerallyClumsy on 24/06/2024 - 14:56

      Yeah that's what I thought the scam was. Scammer has my card number and phone number but wants my banking login detal.

  • CodeXD on 24/06/2024 - 11:16
    +1

    The wording matches all my legit SMS from ANZ. If the last 4 digits matches your ANZ card I would definitely contact them again about it.

    My main reason for creating a post is ANZ can't confirm they sent the SMS and there were no attempted charges on my account.

    ANZ lists Outstanding authorisations as a separate section.

    There is a chance that the transaction got rejected due to not entering the passcode, however, that also means that your card has been compromised.

  • GenerallyClumsy on 24/06/2024 - 14:59

    On reflection, I'm assuming the SMS messages are real. I think it's likely that a restaurant we both order from was hacked, and someone is hungry. We cancelled our cards as soon as we received the SMS notifications. Banks really need to keep a log of all contact they make with their customers. On the other hand, ANZ's fraud prevention seems quite good, and it's great that they instantly update Google Play/Apple Pay with the new card.

Login or Join to leave a comment
Login Join