As online and mobile banking habits grow in popularity, there’s never been a better time to crack down on cybersecurity. New data from the Federal Trade Commission reveals cases of fraud have surged alongside these digital financial services. Consumers lost nearly $8.8 billion to scams in 2022.
Scammers are successful at stealing people’s hard-earned money through phishing, a technique whereby they impersonate legitimate banks, direct online lenders, and other financial services to trick someone into sharing their personal information.
When the scammers piggyback on well-known brands, it can be challenging to tell fraud from the real thing. However, even the smoothest criminal has a tell. You can spot the scam once you know what a legit financial institution will never do online.
What is Phishing?
Phishing scams leverage the reputation of a trustworthy financial institution to trick people into sharing personal information over email.
In reality, it’s a scam outfit that’s merely pretending to be a legitimate brand to get your passwords, account numbers, and social security number.
This information is a financial goldmine for fraudsters. With these details in their hands, scammers can transfer money out of your accounts and open fraudulent cash advances in your name & do fraud.
Scammers Won’t Stop at Sending You Emails
Phishing has grown more complicated as technology has advanced. Now, in addition to fake emails, scammers may target you through text messages and phone calls.
Smishing has the same goal, however these scammers will impersonate a financial institution over text message. Rather than receiving an email asking for personal information, you’ll get a text message doing the same. This technique earns its name as a portmanteau of the text messaging service of most phones, called SMS (Short Message Service), and phishing.
Vishing is another common phishing attack that involves someone calling you and pretending to be from a reputable company. While they have you on the phone, they may ask you to confirm your identity by sharing confidential information, such as login credentials and account numbers. They may also pressure you to wire them funds right away.
You Can Spot the Phishing Line Before it’s Too Late
Legitimate financial institutions will email, text, and call you, so you can’t ignore these communications to avoid fraud. Instead, you have to learn what sets the real thing apart.
Whether they contact you by email, text, or phone, all scammers have subtle (and not so subtle) ways they show their hand. Here are some of the warning signs that expose fraudsters:
Fraudsters Don’t Have the Right Contact Details
When legitimate banks, direct online lenders, or other financial institutions emails you, they will come from a legitimate mail server and domain name.
No reputable financial company will contact you from an address that ends in @gmail.com, @hotmail.com, or @malifence. In almost all cases, legitimate companies use a branded mail server based on their company’s or parent company’s name.
Take for example, the folks at MoneyKey when they email you about your online loan. You may receive an email from MoneyKey itself. You will never receive an email regarding a MoneyKey installment loan or line of credit from a Gmail address.
Be wary of any email, even if it is branded with a familiar company, like MoneyKey. Some scammers may add a number or symbol to the correct name to trick unsuspecting people. You should also look at the words before and after the “@” symbol. Any unusual names, numbers, or symbols here are also red flags.
A Scam Asks You to Do Something a Legitimate Company Would Never Do
Legitimate financial institutions follow a certain code of communication. Usually, they email, text, or call you to share new promotions, remind you of an upcoming bill, or notify you of a new development with your account.
In any case, they will direct you back to their homepage or the sign-in page so that you can address these changes.
Legitimate lenders will never tell you to do any of the following:
- Respond to the email with any personal information (login credentials, account numbers, or social security number).
- Request you send gift cards, prepaid cards, or money transfers to pay off outstanding debts.
- Call you to take money out of your bank or transfer funds to a new account for safety.
- Visit another website that isn’t associated with their brand.
If you receive an email or phone call that asks these things, exit or hang up and reach out to your bank or online direct lender via their official website. You can confirm that these requests are fake and alert their team of fraud.
Their Links Direct You to a Bogus Website or Account
Another trick to spotting a scam involves your mouse or pointer finger.
If a financial institution has asked you to visit their website to deal with something in your account, hover your mouse over this address. The URL will preview in a small box in the bottom left-hand corner of your browser. This way, you can see the destination without ever visiting the website in question.
You can perform a similar check in your text messages by pressing and holding the URL shared in the chat. This will cause a task box to pop up, where you can tap to copy the text. Next, open your notes app and paste the URL there. You’ll be able to see where the text intends to send you.
When assessing links, apply the same rules regarding mail servers. You should only ever follow a link that shows the trusted financial institution is the destination, without any unusual numbers or symbols. If you still aren’t certain, you can plug the URL that comes up into this website reputation checker.
Don’t Get Caught by Phishing Scams
Online banking offers a convenient, fast, and simple way to manage your money. Don’t let the scammers stop you from taking advantage of these digital tools.
Remember these tips to change the way you interact with online direct lenders, banks, and other financial services. They’ll help you catch wind of any scam long before you accidentally give away your personal information.