Got Scammed for cancelling expedia booking and also clicked a link

Hi everyone,

I’m reaching out to this community in hopes of getting some advice and guidance. Recently, I fell victim to a sophisticated scam that I thought was Expedia to call to cancel booking. This was not the case as it was some scamster and he pretended to be expedia and told about booking and ask us to pay 600$ and we will refund the rest of money in 2-3 billing cycles. In a moment of haste, I ended up paying $600 to what I believed was Expedia for travel services. The scam didn’t stop there; they also convinced me to click on a link, which I’m now worried might have compromised my personal information further.

Immediately upon realizing the mistake, I flagged the transaction with my credit card company to dispute the charge. However, I’m at a loss for what additional steps I should be taking to mitigate any further damage and protect myself from potential identity theft or other scams.

Any ideas or things i should do?

V

Stop using the device on which you clicked that link, at least for a while. Change passwords on every account with a saved password on that device. Monitor every bank account and credit card for suspicious activity, every week, for the next six months.

Call the credit bureaus and freeze your credit, so that nobody can issue credit in your name without you calling them to unfreeze it.

I’m sure there’s more but these are first steps.

May every scammer have a Flying Ginsu in their future.

Formatted the Mac I clicked it on. Monitoring all the banks and credit cards etc. Most have 2 step verification.

Pissed off that I clicked a link

I’d like to think of myself as someone aware of phishing and other scams, particularly being DOD, and having to take cyber awareness training annually. My spouse is a credit analyst at a large bank and I helped him study for FCRA and other exams. It’s crazy the lenght scammers will go to…

About 4 years ago, I placed an ad on CL to sell a used vehicle. At the time, I wasn’t 100% sure I wanted to sell it, so I put in on there instead of sites requiring better seller verification.

One morning, at work, I got an email showing interest from a buyer indicating interest. The correspondence between us lasted a good 2 hours or so. I felt they were serious about purchasing it. They requested a vehicle history report (not carfax, can’t recall the name) and had me click on a link & pay $19.99. Almost immediately, I realized I had just got scammed, and called my cc to report it. They canceled that card and sent out a new one. Luckily, I didn’t encounter any other issues.

Smart on you to realize quickly and flag it with your cc company.

Some advise though; make sure the device you used has a antivirus (make sure its up to date - as new trojan viruses are introduced regularly). Change the PW to any email/websites associated with the link you clicked. If you use the same password(s) associated with the(se) compromised accounts, with other accounts (say you use the same email/password combination with your bank & gmail), change your gmail password(s) too. They can be posted on the dark web.

Depending on your cc company(ies), you may have the option to enroll in active credit monitoring. Chase, Cap 1, and Amex offer those for free. As @Spoonman stated, make sure you freeze all 3 of your credit bureaus, asap. You can also place a fraud alert with each bureau.

Also, be aware some cc do provide fraud-free protection, while others don’t. It’s always best to make your financial institution aware immediately. If you haven’t already, review your cc(s) T&Cs to be well informed.

If you do have to cancel your cc # & they send you a new one, and you have bills/regular charges on autopay, make sure you change the respective cc # so you dont run into issues.

We’re all susceptible to falling for scam, unfortunately, and it happens to the best of us, so don’t beat yourself up too much. Just be aware and more diligent from now on. There’s tons of resources online, too, if you need additional help. Feel free to ask if you have any other questions.

Last piece of advice - don’t use third party online travel agencies (OTA). It’s always recommended to book directly with the airline/hotel chain; if issues arise like delayed/canceled flights, and you book through an OTA, you lose out on a lot of protections. Same with hotels - overbooked via OTAs and many have reported the hotels not showing reservations. If you do decide to go with hotels via OTA, call the hotel directly after booking to confirm it shows on their end.

Good luck & lmk if you have any questions!

Thanks for detailed response. I am mostly worried after that we logged into multiple bank accounrs and some website where we have some personal sensitive stuff. It was before I formatted the Mac. Though changed the passowrd now. Also have 2-step authentication enabled wherever possible but leaks do happen.