I was tricked by a phone-phisher pretending to be from my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened.
You say that, but I’ve had my credit card call me about a charge and the information they asked was too specific. I hung up and called the official number and they confirmed it was indeed true and didn’t understand why I thought the way they did it was a scam.
It’s scary how oblivious banks can be, and I think Brokkr is either lucky or optimistic about their procedures - I have seen even large banks like HSBC make “facepalm” mistakes like you described, and it sounds like Cory’s much smaller credit union might even have outsourced their nighttime call handling to someone very close to the fraudsters.
Still curious how they managed to use Cory’s card with just the card number and not the CVC2 code - is that a regional thing where some online shops aren’t required to use it?