You work hard for your money, so the last thing you want to do is inadvertently hand it over to a scammer pretending to be your bank. Unfortunately, these crimes are more common than you might realize.
In fact, bank fraud is on the rise. In 2021, there were 33,248 crimes reported involving debit cards, electronic funds transfer or ACH; 14,358 reports of crimes tied to existing accounts and 83,721 crimes linked to new accounts, according to the Federal Trade Commission. Respectively, this represents an 8%, 5% and 64% increase from 2020.
“In most instances, a fraudster will call their victim by phone, but they may also utilize email or another kind of communication,” said Levon L. Galstyan, a certified public accountant at Oak View Law Group, based in Glendale, California. “It’s conceivable they already know the victim’s name and financial institution.”
The best way to combat bank fraud is to be aware of common scams so you don’t fall victim. To help you get informed, he shared five signs someone is impersonating your bank.
1. You’re Told Your Account Is at Risk
“A fraudster impersonating a bank official may declare that a customer’s account is at risk and that they must move funds to a ‘safe account’ or set up automatic withdrawals to ‘stop the funds,'” Galstyan said. “There is a chance that a fraudster will request Digipass details to access the account and make payments on their own.”
If you’re not familiar with Digipass, it’s a service that allows you to generate a one-time password to safely sign into your online accounts. Don’t even do this for someone you don’t know or trust.
2. You’re Told To Install Screen-Sharing Software
“They may request that the victim install screen-sharing software so that they can watch or control the system,” he said. “If this is done, a user’s account is easier to administer.”
No legit bank employee will ever ask to share your screen, so don’t fall for this scam.
3. You’re Asked To Share Your Login Details
“Phishing can utilize emails that appear to originate from well-known institutions, such as banks or popular websites,” Galstyan said. “Please be advised, for your protection, that banks will never ask you for critical information such as your login and transaction passwords or One Time Password — OTP.”
Of course, that’s not the only type of phishing scheme that needs to be on your radar. Galstyan said to watch out for spear-phishing, which is when scammers send emails that look like they’re from a co-worker or a close relative.
“It is an attempt to steal sensitive information systematically,” he said. “The subject line address is often personalized to a particular project or organizational development or may connect to a personal occasion.”
He also advised to be on alert for fake emails from your bank.
“When you open the email and click on a link within it, a Trojan horse or other dangerous software is downloaded or a form requiring your ‘personal information’ displays on their computer screen in a matter of seconds,” he said. “Once you give the information, your bank account is hacked.”
It’s also possible you’ll click a link that directs you to a website that looks like the one belonging to your bank — but isn’t. He said this fraudulent practice is called website spoofing.
“Phishers use the names, logos, images and even the legitimate website — bank — source code to make spoof sites appear authentic,” he said. “This includes the URL in your browser’s address bar and the lock icon in the bottom-right corner of your browser’s toolbar.”
4. You Receive a Call Requesting Personal Information
“Sometimes fraudsters pose as bank employees to obtain personal information like your user name, password, OTP — one-time passcode — URN — Unique Registration Number — and any other confidential info, such as your date of birth or maiden name,” he said. “Bank employees would never call you to get your personal information over the phone.”
If you’re at all uncertain about any information a bank employee asks you to divulge by phone, hang up and call the number listed on the company website. Just make sure the website is legit and not one created in a phishing scheme, as noted above.
5. You’re Threatened To Take Action
“If your bank sends you an email and threatens you to make payments, buy gift cards with a code or cash a check for a stranger, it’s a scam,” he said. “Look at the email. “Does it have loads of grammatical errors? Is the entire email in image format? Does it ask you to open a cloud storage document? What about the subject line? Does it have special characters? These are a few signs of a scam.”
Conversely, he said if you receive an email where the bank informs you that your account has been locked due to suspicious activity, this is likely legitimate. Personally, this has happened to him in the past, when a scammer debited $800 from his bank account.
“I received the email from the bank instantly,” he said. “Before I could fathom anything, there was another email from the bank that my debit card had been locked due to suspicious activity.”
He said the email from his bank was genuine and the stolen money was credited back to his account following a thorough investigation.
More From GOBankingRates