As the internet has become more intertwined with our daily lives with things being on the “cloud,” examples of people being taken advantage of have become more mainstream. One way this happens is when dishonest people contact potential victims and persuade them to divulge information to use for their own benefit. There are many ways this can happen, but the information is typically common: credit card numbers, social security numbers, or financial account information. We have recently heard of two friends being targeted in the past couple of months. This article is meant to give some tips to help you from becoming a victim of information fraud.
First, in this information age, we should have all accounts and devices protected by a password and locked away. When available, we recommend utilizing dual-factor authentication whereby you must verify your use of a device or website through an alternative means (i.e., a text with a code). However, this protection may not protect you 100%, so we must be vigilant on some of the other methods being used.
Here are a couple of examples we learned of recently:
A friend received a text on his phone asking him to verify a payment to Apple. The sender of the text identified themselves as his bank and provided a “hyperlink” to a website to verify the transaction. Since the alert seemed applicable to his situation, he clicked the link. This brought him to a website that appeared to be owned by his bank and asked him to log in with his credentials. Thankfully, there was an alert on their web browser that warned them the website might be fraudulent. Since the friend hadn’t used the web banking function before, he did not proceed. After investigating, the website was in fact fake but he avoided becoming a victim by not inputting their information.
Another friend received an email that appeared to be from his bank with the same type of request… “please verify the transaction posted to your account.” In this instance, the friend wasn’t paying full attention and entered his login credentials. Soon after, this person reviewed his transaction history and noticed a couple of transactions they did not recognize. Thankfully, no money was taken (as one was a credit, and another was a debit), but it was determined by the bank that some unauthorized party did have access to their account. Therefore, they had to go through the trouble of changing all of their banking account information.
An alternative method that is used by scammers is to call you directly. With the advent of technology, phone calls can also be spoofed, meaning they might appear to be from a party you work with. In another recent example, we had a friend who was called by their bank and asked for information. The number appeared legitimate, so this friend complied. Unfortunately, it was a scammer who was posing as an agent from their bank. In this instance, the individual divulged their credit card number, and items were charged to the card without their knowledge. Thankfully, they were able to recover funds, but it was still a lot of trouble to go through.
These previous examples are only a few ways that are used by fraudulent people. The main idea is that it is best practice to be suspicious of anyone asking for personal details and to independently verify contact details before divulging any information. It is best practice to refrain from giving out information when you are contacted and connect with the institution using known contact information to supply any requested information.
Charles Schwab has put together a resource that covers many other methods that can be used to help prevent you from being a victim of identity theft. This can be found at: www.schwab.com/schwabsafe
This new age of cybercriminals is unsettling, however, here at BPC Advisors and at Charles Schwab, known precautions are implemented to keep client information safe and this is an area where we are continually researching ways to improve. We are hopeful these shared tips will help you continue to be safe in this evolving landscape.