The threat actors are using many means now to find ways to get peoples credit card numbers, access to accounts with things like passwords and identity theft Sometimes thru data breaches (Georgia Tech just reported another large one), social engineering to hack networks, and using phishing calls thru old technology, i.e. your phone.
The latest one I have encountered is doing phishing thru a phone call. I recently received a call that either was recording and times for starting when answered or recorder kicked in, in my case it left a message on the recorder. The message said they were calling about a charge on my credit card for a renewal of an anti-virus program for $399 for a year. If I did not want this purchase to call them at 614-999-1243 and they would remove the charge.
Several red-flags immediately showed for me.
First, they said credit card, not what credit card. If they had charged this to my credit card then they should have told me if it was Diners Club or American Express or what ever.
Second, they said it was for the annual renewal to my anti-virus program. They did not say what anti-virus program and if they had just put this charge on my card, then they would know what product they sale.
Third, they said $399 for the renewal of the anti-virus program. I know of no anti-virus program this expensive, there are several above $50 per year but not over $100. Also, I use the free version of Avast, so there is no fee, it is free. If you do not have an anti-virus program or want to switch then my current suggestions are the free versions of AVG and Avast which both work well. You can also buy for less than $100 a year and some more functionality, but I like the free. Many AV products have a free functional version. Malwarebytes free version requires you to do a manual scan and does not monitor, where rest do scans automatic and monitor usually. Some like McAfee (which I have not had good success with) and Norton require you to buy them.
Fourth, they never identified their name or the company or credit card company calling from. I included the real number above as they really wanted that number called so not spoofed and a search of it on the Internet shows it is a robo caller I am describing and you can listen to the message out there. Maybe when FCC sees this number in newspapers and my other publishing locations they will crack down. Maybe.
If I had called the number I can tell you what would have happened. They would have wanted my credit card number and CV code so they could credit the charge they would have said. In actuality they would have then charged my card for who knows what all and how much.
If you get this call, ignore it. They have not charged your card, but are trying to get your card number so they can. Watch out for phishers and pay attention to red flags. If in doubt call your bank and /or credit card company.