A hotel receptionist in Norway — deep in the throes of a brutally slow night shift — decided to cure his boredom by engaging an obvious scammer. After receiving an email from a person named “Scooter,” who wanted to book a long stay and prepay with a credit card, the receptionist decided to play along. The receptionist ran the credit card and received a “declined” response, but told Scooter the card went through. Predictably, Scooter then sent a cancellation request, asking for a refund, but to a different credit card. He explained that he had lost his wallet containing the credit card he had booked the room with. Meanwhile, the receptionist discovered Scooter’s Facebook account and found that his profile indicated that he worked for a hotel. The receptionist immediately called the manager of Scooter’s hotel, who exploded in anger and confirmed that the credit cards belonged to recent guests. The manager promptly reported Scooter to the police. The receptionist wasn’t done. He then called Visa and Mastercard International and gave them all of Scooter’s information, including the Polish bank account he was using for the refunds. Long story short, Scooter no longer works for the hotel, and his accommodations are now provided by the “big house.” This story is a great reminder of the basics of fraud protection. Never share your full credit card details over an unsecured channel like email. Scooter was able to get his hands on these numbers because the guests at his hotel likely weren’t following this simple but crucial security step, turning their vacation into evidence in a police report.
