The information contained herein is for informational or educational purposes only.
Fraud Prevention: Avoiding the Most Common Scams
As e-commerce, online banking and digital correspondence with businesses have grown over the past few decades, the efforts of criminals working to steal personal information have evolved. Through increasingly sophisticated tactics, cybercriminals are launching advanced schemes to lift personal details, break into financial accounts and steal your hard-earned money.
The best defense against cybercrime is a combination of proactive education and digital safeguards. In this article, we’ll walk through the most common categories of online scams, as well as some proven strategies to stay a step ahead of fraud risk.
7 Common Scams Used by Cybercriminals
When you think of cybercrime and digital identity theft, you might imagine a hacker attempting to break into your phone or computer remotely. In reality, the most common scams utilize a strategy called phishing, which actually tricks individuals into revealing personal details and data themselves.
Typical phishing attacks involve a fraudster sending a fake email, text or voicemail impersonating an organization you interact with and requesting some basic information from you. But, instead, that information is routed to the criminal orchestrating the attack.
All seven of the common scams listed below leverage phishing strategies to different degrees and have proven successful in fooling Americans of all ages.
1. Fake Bank Alerts
Ironically, this scheme attempts to scare you into believing that representatives of your financial institution are reaching out about fraudulent activity.
You might receive what appears to be an automated text message on your phone that claims to be a fraud alert and asks if you recently made an instant payment of thousands of dollars. It’ is all an attempt to get you to click on a link so bad actors can gain access to your personal banking information.
Inspect the sender’s information to confirm that the message was generated from a legitimate source, but don’t click the link or call the number in the text.
2. Package Delivery Scams
Online shoppers are used to receiving text-based updates with package tracking links and delivery updates. Scammers take advantage of this familiarity to impersonate a package tracking service and request users click a link to update delivery or payment preferences.
Clicking the link may prompt the recipient to enter personal information, like financial account numbers and other private details. Alternatively, clicking the link may install malware on the affected device, allowing bad actors to steal personal information from the phone or computer.
Don’t respond to emails or texts of this nature. Even writing “STOP” will let the scammer know your contact information is genuine and they may then sell your number to other scammers.
3. Family Emergency Scams
An emotionally cruel tactic, scammers exploit the individual by calling, often late at night, posing as a relative in a dire situation in need of an immediate transfer of funds.
No matter how convincing, if you can’t verify the identity of the individual reaching out, don’t wire any money or share any financial details. Instead, immediately contact other family members to check the legitimacy of the situation.
To find additional tips on the different types of similar scams and how to avoid them, click here.
4. Computer Repair Scams
In this type of scam, the criminal reaches out to inform you that your computer isn’t working properly, often offering to sell you unnecessary repair services or requesting remote access to repair your device. Once they gain access, they can do tremendous damage with malware that steals passwords, account details, banking information and other personal data.
Unless you’ve requested assistance from a reputable partner, don't allow third-party access to your devices. To learn more, read these helpful tips on tech support scams and how to avoid them.
5. IRS Tax Scams
Scams that involve government impersonation can be particularly effective because of the stress they cause for the recipient. Often, the individual is so concerned with maintaining good standing with the government agency that they overlook indications of fraud.
IRS and tax scams persist year-round, threatening people with prosecution or jail time if they don’t pay debts. Due to the fact that fake IRS phone calls plague consumers, the IRS itself has repeatedly published a list of things you will not experience with a legitimate IRS representative, including phone calls demanding payment or threatening arrest and asking for specific payment methods like a prepaid debit card.
You can stay up to date on the latest scams by visiting the IRS page that tracks the latest scams targeting taxpayers.
6. Social Security Scams
In this government impersonation scam, the fraudster contacts you to say your social security number has been compromised or that you owe money and must act immediately to resolve the situation. Many of these calls are illegitimate and should be ignored.
If you think someone has stolen your social security number and you’re a victim of identity theft, you can file a report online. If you’ve lost your social security card, you can apply for a new card by opening an account on the government’s official social security website.
7. Investment Scams
Unlike many of the previous scams that play on fear, investment scams play on hope. In this attack, the criminal advertises or reaches out with an investment opportunity that promises a high rate of return with little or no risk.
The investments can come in diverse forms, like oil and gas, gold coins, real estate, cryptocurrency and deeds of trust. The goal of these scammers is to convince you of a lucrative opportunity and gain access to your bank account for funding. Then they can steal your information and drain your accounts. For more tips on how to avoid investment fraud, including how to check for investment company credentials and who to contact if you are a victim of fraud, click here.
How to Avoid Scams: Your Banking Fraud Prevention Checklist
Paired with an understanding of the diverse digital fraud schemes out there, there are some general guidelines to strengthen your bank fraud detection and prevention strategy and protect yourself and your loved ones from criminal activity.
Don't click unknown links.
- Avoid visiting any URLs in email messages that may be questionable.
- Hackers often infect web pages with malicious code, so avoid websites you are not familiar with.
- If you have any doubts about the legitimacy of a link, don't click on it.
Don’t share your sensitive information with just anyone.
- Your social security number, credit card numbers and bank and utility account numbers can all be used to steal your identity.
- Anytime you’re asked to provide these pieces of information, across any communication channel, ask yourself if you can trust the request.
- If you’re unfamiliar with the business or individual requesting sensitive information, think twice. It’s likely a scam.
Use only encrypted websites when giving personal information.
- If you’re shopping or banking online, stick to sites that use encryption to protect your information as it travels from your computer to their server.
- To determine if a website is encrypted, look for “HTTPS” at the beginning of the website address. The “S” indicates encrypted security.
- Some websites use encryption during sign-in or check-out, but if any pages of your journey on the website don’t begin with “HTTPS,” your account could still be vulnerable.
Never open suspicious files.
- Assume that any file you receive may be infected, even if you know the sender.
- Viruses, spyware and other malicious codes typically originate from an infected computer and its address book, so dangerous files could originate from senders like family, friends or work associates.
- When using email, browsing websites or using digital messaging of any kind, don't accept any unsolicited files.
Use strong passwords.
- The longer and more creative the password, the tougher it is to crack. Use at least 10 characters with a mix of letters, numbers and special characters.
- Avoid using predictable or personal information, such as addresses, family or pet names, birth dates or common words.
- Don’t use the same password for multiple accounts. If a password is stolen from you or a company with whom you do business, you don’t want it to open access to all of your critical accounts.
- Don’t share passwords on the phone, via text or by email.
- Legitimate companies don't send messages or emails requesting you provide your password to them. If you receive a message like this, it is likely a scam.
Regularly monitor your credit reports and credit score.
- Thieves can use your information to set up new credit cards in your name, so staying on top of your credit activity is vital to flagging fraud.
- Criminals can open accounts in your name with different addresses, meaning you may never receive bills or account notifications. This can result in a tanked credit score, unpaid bills, new debt and delinquent charges on your credit report.
Keep your operating systems up to date.
- Technology companies have a keen understanding of the latest cybercrime trends and work to add new protective measures that launch by way of software updates.
- If you avoid updating your operating system, you’re leaving your devices vulnerable to the latest, most sophisticated attacks.
- Beyond your computer or phone’s operating system, this practice also applies to your website browser. Putting off updates means opening yourself up to cybercrime.
Keep your antivirus, antispyware and firewall protection up to date.
- New threats emerge regularly and your defensive software updates accordingly to keep you protected.
- Keeping your software current and scanning your system monthly are both recommended to prevent attacks.
Your money is safe with Bask.
We know the discussion of emerging fraud threats and prevention tactics can be overwhelming, but at Bask Bank, we’re committed to providing peace of mind and protection for our digital banking customers.
Some of our advanced security measures include:
- Multi-factor authentication that offers a second layer of security to the account login process.
- Security alerts that notify you about password changes, unsuccessful logins and potentially fraudulent transactions.
- A secure messaging portal that offers a protected method of communication between you and Bask.
- Online privacy protection to keep your data and information secure.
- Account monitoring with proactive verification of large transfers.
You can also visit our information-rich Fraud Prevention Portal that includes hundreds of free resources you can use to strengthen your security tactics and stay one step ahead of scammers.
The Bask Blog
5 Ways You Can Keep Your Bank Account Safe
Take these steps to further increase your digital banking security, keep your bank account safe online and avoid fraud.
Interest Rate vs. APY: What's the Difference?
Interest rate and APY are often used interchangeably, but what exactly do they mean? And what’s the real difference between the two?
Understanding Digital Wallets
A digital wallet, or e-wallet, is an app that securely stores credit and debit cards on your mobile device. Learn more about digital wallets from Bask Bank.