Be on guard against “urgent” requests and unsolicited “deals” on the Internet.
FDIC Consumer News has reported how criminals masquerading as legitimate businesses or government agencies have tricked consumers into divulging valuable personal information over the computer, phone or fax in order to drain bank accounts. Here are our latest tips for protecting against new schemes using electronic devices.
Think twice before responding to “urgent” text messages. One recent scam involved a text message sent to cell phones and smartphones (a hand-held device to access the Internet and make calls) warning bank customers that their debit or credit card had been blocked for security reasons. The message urged users to call a hotline to unblock their card, but instead they reached an automated response system asking for their card number, personal identification number (PIN) and other information.
“Unfortunately, this was enough information for thieves to create counterfeit cards and commit fraud,” said Michael Benardo, Chief of the FDIC’s Cyber-Fraud and Financial Crimes Section.
Why are smartphone users now being targeted by scammers? “Smartphone users almost always have their phone handy and tend to respond to calls and e-mails quickly, so the expectation is that many of them may not realize that a message is fake until it’s too late,” Benardo explained. “Not only that, but fake Web sites are also harder to spot on a small screen.”
Be on guard against unexpected pop-up windows on Web sites, including your bank’s. If after you’re logged onto your bank’s Web site — or on any Web site, for that matter — and you get an unexpected pop-up window asking for your name, account numbers and other personal information, that is likely a sign that a hacker has infected your PC with spyware and is trolling for enough information to commit identity theft and gain access to your bank account.
“It’s normal for your bank to ask for your login ID and password when you first log in and to ask you to answer a ‘challenge question’ if you want to reset your password or start using a new computer,” advised David M. Nelson, an FDIC fraud specialist. “But your bank will not ask you — through a pop-up window — to type your name and information such as your date of birth, mother’s maiden name, bank account and cell phone numbers. Banks only need that type of detailed personal information when the account is initially opened.”
Be suspicious of unsolicited offers to download games, programs and other attractive “apps” (applications) onto your smartphone. Those “deals” could contain malicious software directing you to fake Web sites or install spyware used to steal information that can lead to theft. “You should consider using anti-virus software specifically designed for smartphones and other mobile devices,” added Nelson.
What are your best defenses against a variety of high-tech scams?
- Be aware that cyber criminals always look for ways to use new technology such as smartphones to try to commit fraud;
- Stop and think before giving personal information in response to an unsolicited request, especially one marked as urgent, no matter who the source supposedly is;
- Only communicate with your bank using phone numbers or e-mail addresses you are certain about — such as the customer service number on your bank statement or the back of your card — and add these important numbers to your phone’s contact list; and
- Only install programs that you know are from legitimate Web sites, such as your Internet service provider, financial institution, wireless phone company or trusted app vendors.