Have you ever received a text message or email making an unusual money request? This is a type of social engineering scam often referred to as phishing, and it is quickly becoming all too common among the masses.
According to Kevin Lee, VP of trust and safety at Sift, 98% of cybercrime involves social engineering. Fraudsters using social engineering scams will trick or manipulate people into revealing confidential information including passwords, credit card numbers or other credentials. Cybercriminals will use this information to commit payment fraud or account takeover (ATO) attacks. According to a recent Sift report, ATO attacks jumped by 131% in the first half of 2022.
As phishing and money scams become increasingly convincing, what can people do to protect themselves? Here’s how you can spot money scams through email and text messaging and what to do next if you think you’re the target of a scammer.
Signs of a Money Scam
The next time you receive an unusual or suspicious text or email, keep your eyes peeled for the following signs of a social engineering scam.
Sense of Urgency
One of the most common tactics fraudsters use is creating a sense of urgency.
This is an attempt to prompt you to quickly take action without thinking all the way through about the text or email you just received. Lee uses the example of receiving a text that says your bank account will be shut down unless you immediately share a password, download something or click a link.
Grammatical errors are common red flags indicating scammy messages. These will include obvious misspellings or strange wording and can easily be spotted.
Mismatching Sender Email and Domain Name
Look out for sender emails and domain names that don’t match. “It’s important to pay attention to missing letters or numbers that stand in for letters, like the number 0 instead of an O,” Lee said.
Jason Zirkle, certified fraud examiner (CFE) at the Association of Certified Fraud Examiners (ACFE), said to keep an eye out to see whether the sender’s email address looks like a suspicious variation of a well-known company. A good example is receiving an email from “Google” that has the email address google-support-us.com.
Texts or Emails “Claiming” Something
Zirkle said you can spot money scams through texts or emails “claiming” the following have happened:
- You won a prize in a contest, even if you don’t remember entering the contest.
- The email or text is from law enforcement or a government agency.
- The text or email claims it is from a shipping company, like UPS or FedEx, and it needs you to click on a tracking link.
Zirkle said, “Any text messages asking you to click a link, no matter who they purport to be from, are a red flag.”
Do not open or download any attachments you are not expecting in an email.
Hyperlinks in Email
Much like spammy text messages asking people to click on links, Zirkle said spam emails have hyperlinks for you to click. The big red flag is when you hover over the hyperlink and see the link-to address is different.
Do not open any links, especially if the link seems unusual or there is a sense of urgency in the content copy to click the links.
Lee said, “Be on alert if the message is asking you to send or transfer money, purchase something for someone or share your login credentials.”
How To Protect Yourself From Money Scams
Some phishing scams are now utilizing AI tools to seem more believable. Consumers can stay vigilant and keep their personal information safe by following these steps.
Delete the Message and Do Not Click Links
If you receive a text message or email creating a sense of urgency and telling you to click on a link, open an attachment or call a phone number, Zirkle recommends deleting it. Do not click any links.
What if the message purports to be coming from an important contact, like your bank? Zirkle said to Google the actual phone number for your bank and call it to check whether the message is legitimate.
“The message will usually convince you the sender is trying to get you to avoid a negative consequence, like threatening to arrest you, or gain something of value, like winning a prize,” Zirkle said.
Never Share Your Financial Information or Account Passwords
Do not give out your financial information for discounts or rewards. Lee said this information should be provided only to trusted financial institutions or government agencies.
Similarly, do not send out account passwords to anyone over SMS or email. Lee recommends keeping your data safe by using a password manager. This allows you to use a unique name and password for every website and store. It remembers the passwords so you don’t have to.
Take Your Time
If you receive a text or email from someone you trust saying they need you to do something immediately, such as verify your ID or send money, Lee recommends stopping and thinking it through. Ask yourself these questions before making any moves:
- Would this person ordinarily contact you in this way?
- Does their communication style seem different than usual?
- Can you verify it’s actually them by contacting them in a different way?
Lee said, “Many fraudsters imbue their scams with a sense of urgency or emotional appeals to get their victims to act quickly without thinking about how realistic the request really is.”
What If You Are a Victim of an Email or Text Money Scam?
What if you are a victim of an email or text scam? Oren Wortman, Sygnia’s VP of cyber security services for North America, recommends taking the next steps:
- Notify law enforcement. Wortman said you can do this by filing an Ic3.gov form with the FBI. “This is a cyber complaint, alerting the IC3 you have been the victim of an Internet crime,” Wortman said.
- Notify all of your financial institutions. This ensures these institutions aren’t processing requests for payments or things like wire transfers without your confirmation.
- Notify credit bureaus. “They will put a lock on your credit reports and credit profiles,” Wortman said. “You don’t want fraudsters messing up your credit score.”
- Subscribe to identity and credit monitoring services. These services will help you monitor your personal information such as your name, SSN, linked bank accounts and more.
More From GOBankingRates