Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. The Federal Trade Commission’s 2019 report on fraud estimates that American consumers lost a staggering $1.48 billion to phishing scams in 2018. The problem has only grown worse during the COVID-19 pandemic, given the increased use of online and digital banking tools.
To mark the beginning of National Cybersecurity Awareness Month, The American Bankers Association, joined by banks of all sizes across the nation, today launched a first-of-its-kind, industry-wide campaign to educate consumers about the persistent threat of phishing scams. “With the help of banks from across the nation, we’re turning the tables on the bad guys by empowering consumers with the tools they need to spot bogus bank communications” said Rob Nichols, ABA president and CEO. The #BanksNeverAskThat campaign reinforces the notion that banks do not text, call or email customers asking for sensitive information like their passwords and PIN.
National Cybersecurity Awareness Month is a collaborative effort between government and industry that raises nationwide awareness of cyber crimes and prevention every October. Because it coincides with the launch of #BanksNeverAskThat, ABA is celebrating with a cybersecurity-month sweepstakes. Every week during the month of October, site visitors can test their scam savviness by taking the #BanksNeverAskThat quiz, then sharing it on Twitter for the chance to win one of 15 gift cards. All entrants in ABA’s sweepstakes will also be eligible to win the $1,000 grand prize at the end of the month.
What is Phishing?
Phishing is a type of online scam where criminals make fraudulent emails, phone calls, and texts that appear to come from legitimate businesses, even your bank. Every year, people lose hundreds, even thousands of dollars to these scams. The communication is designed to trick you into entering confidential information (like account numbers, passwords, PINs, or birthdays) into a fake website by clicking on a link, or to tell it to someone imitating banks and businesses on the phone.
What to do if you receive a scam email, call, or text
Email or Text
If you suspect that an email or text you receive is a phishing attempt:
- Take a deep breath. In most cases, it’s perfectly safe to open a scam email or text. Modern mail apps, like Gmail, detect and block any code or malware from running when you open an email. The key is not to click links, or download any attachments.
- Do not download any attachments in the message. Attachments may contain malware such as viruses, worms or spyware.
- Do not click links that appear in the message. Links in phishing messages direct you to fraudulent websites.
- Do not reply to the sender. Ignore any requests from the sender and do not call any phone numbers provided in the message.
- Report it. Help fight scammers by reporting them. Forward suspected phishing emails to the Anti-Phishing Working Group at firstname.lastname@example.org. If you got a phishing text message, forward it to SPAM (7726). Then, report the phishing attack to the FTC at ftc.gov/complaint.
If you receive a phone call that seems to be a phishing attempt:
- Hang up or end the call. Be aware that area codes can be misleading. If your Caller ID displays a local area code, this does not guarantee that the caller is local.
- Do not respond to the caller’s requests. Financial institutions and legitimate companies will never call you to request your personal information. Never give personal information to the incoming caller.
- If you feel you’ve been the victim of a scam and provided personal or financial information, contact your bank immediately at their publicly listed customer service number. Often, this is found on the back of your bank card. Be sure to include any relevant details, such as whether the suspicious email, call, or text attempted to impersonate your bank and whether any personal or financial information was provided to the spammer.
What to do if you fall for a scam email, call, or text
- Contact your bank, financial institutions, and creditors
- Speak with the fraud department and explain that someone has stolen your identity.
- Request to close or freeze any accounts that may have been tampered with or fraudulently established.
- Make sure to change your online login credentials, passwords and PINs.
- Secure your email and other communication accounts
- Many people reuse passwords and your email or cell phone account may be compromised as well.
- Immediately change your accounts’ passwords and implement multi-factor authentication— a setting that prevents cybercriminals from accessing your accounts, even if they know your password — if you haven’t already done so.
- Check your credit reports and place a fraud alert on them
- Get a free copy of your credit report from annualcreditreport.com or call 877.322.8228.
- Review your credit report to make sure unauthorized accounts have not been opened in your name.
- Report any fraudulent accounts to the appropriate financial institutions.
- Place a fraud alert on your credit by contacting one of the three credit bureaus. That company must tell the other two.
– Experian: 888.397.3742 or experian.com
– TransUnion: 800.680.7289 or transunion.com
– Equifax: 888.766.0008 or equifax.com
- Contact ChexSystems at 888.478.6536 to place a security alert on the compromised checking and savings accounts when a deposit account has been impacted.
- Contact the Federal Trade Commission to report an ID theft incident: visit ftc.gov/idtheft or call 877.438.4338.
- File a report with your local law enforcement
- Get a copy of the report to submit to your creditors and others that may require proof of the crime.
For more tips on ways to protect yourself from fraud, visit our resources: https://www.thecooperativebankofcapecod.com/resources/your-security/