4

Made a large purchase order on a site with a safe Norton rating and A+ BBB rating. Noticed I put the wrong shipping address, called the number on the site, and I got the order canceled and received an email, however, I was debited the amount and I have the following line item on my rolling bank statement:

JAN 27  Hold: Payee Name: PRE AUT **** (REDACTED STORE NAME) ; Reason: ******   $500.00

* = redacted random positive integer

I was told by the person on the phone that the hold should release within 48 hours, so did my banker. However, shortly after this, I received an email from "noreply@enfactnotifications.com" with the details of my order requesting that I call the provided number to make sure the transaction was authorized by me:

Cropped image of fraud protection alert

My banker mentioned that "Unfortunately we are unable to do anything about the pre authorization on your account for that amount. It is planned to either hard post to your account or fall off of your account on Monday." This is what has me worried, in light of the fact that I received what appears to be a phishing attempt shortly after I made a purchase and then canceled over the phone. How can I force non-payment to the vendor given my reservation that something is afoot? Am I too paranoid? I forwarded the email to spam@uce.gov (cc-ing noreply along with the message), and my bank's management staff.

So, basically, I have a potentially genuine cancellation email enacted via phone from a number provided on the presumably safe website, but I've got a hold that might hard post.

Of note, I managed to find the organization that owns the domain name "enfactnotifications.com" via ICANN. The organization is Fiserv, Inc., which appears to be authentic:

Image of ICANN WHOIS results page

lzam
  • 621
  • 3
  • 13
Domemy
  • 45
  • 1
  • 1
  • 8

2 Answers2

6

You need to talk to your bank. If you're unable to contact your bank until Monday, then wait until Monday. Don't fixate on the idea that the transaction may "hard post" on Monday. If it happens, it happens, but it's not the end of the world.

Even if the transaction posts, it's not the end of the world. If the retailer is legit, they will refund your money, although it may take some time for things to get sorted out.

Even if the transaction posts and the retailer is not legit, it's still not the end of the world. Your bank may help you in trying to recover the funds. That's why you need to talk to your bank.

As you have realized, blindly calling the number in the email is not a good idea, because if it's fake, you're calling the scammers. Instead, what you should do is try to contact your bank through known trusted channels. That is, look on your bank's website. Do they have a phone number listed for fraud reporting or related inquiries? Is it the same number you see in the email? If so, you can call it. If it is not the same number, but the number on your bank's website is a 24-hour number, you can call them at that number and tell them the situation.

Based on what you've described, my own guess would be that the retailer is legit, but that the unusual large transaction was flagged by your bank as potentially fraudulent, which is why you got the email. The fact that you happened to get the email just after canceling the order could be a coincidence. This is especially true if all this happened in a short time. Information about these transactions can't be transmitted and analyzed instantaneously, nor can emails be sent instantaneously; there may have been a delay in sending the email so it only arrived after the cancellation.

As far as your worries about how "enfact" got your info, it is likely a fraud-detection service used by your bank. Doing a bit of googling reveals that it appears to be a legit service, but there have also been instances of phishing attacks using faked "enfact" emails. However, from what I see, these worked by trying to get you to click on a link, not call a phone number. Also, if a scammer is able to send you a scam email that includes your actual order details, that's not a phish, it's an outright hack. In that case the bank and/or retailer (whichever was hacked) would certainly want to know about it and would likely fall all over themselves trying to refund your money to avoid negative PR.

BrenBarn
  • 24,042
  • 6
  • 61
  • 82
0

Call your bank and inquire if they send out the kinds of notices like the one you received. Don't call the number in the message, because if it is a scam, you're calling the scammers themselves, more than likely.

Be very cautious about this situation, and if your bank is local then it might not hurt to pay a visit to a local branch to talk to someone in person. Print out the message(s) you receive to show them and let their fraud division look into it.

Daniel Anderson
  • 10,136
  • 4
  • 23
  • 47