Security Tips

Consumer Technology Topic of the Month

How Do I Prevent Account Takeover Fraud?

Tips to protect your passwords, usernames and online accounts.

Account takeovers have become a growing concern for people of all ages during 2023. Whether you're managing your retirement funds, social media accounts, or online shopping accounts, the risk of having your personal information and finances compromised is real.

Understanding Account Takeovers

Account takeovers, also known as ATOs, occur when cybercriminals gain unauthorized access to your online accounts. These accounts can include financial institutions, social media profiles, email accounts and more. Once attackers gain access, they can steal your personal information, make unauthorized purchases, or even commit fraud in your name.

Why Account Takeovers Matter

Account takeovers can have severe consequences, particularly for older adults who may have accumulated significant savings and assets over their lifetime. Here's why account takeovers matter:

Financial Loss: Cybercriminals can drain your bank accounts, make unauthorized purchases with your credit cards, or even liquidate your investments, leading to significant financial losses.
Identity Theft: ATOs often involve the theft of personal information, which can be used to open new lines of credit or commit other fraudulent activities in your name.
Emotional Distress: Dealing with the aftermath of an account takeover can be emotionally distressing, causing anxiety, frustration, and feelings of violation.

Protecting Yourself Against Account Takeovers

Fortunately, there are steps you can take to protect yourself from account takeovers and reduce the risk of falling victim to cybercriminals:

Strong, Unique Passwords and Usernames- Create strong, unique passwords for each of of your online accounts. Use a combination of letters, mismatched words, numbers, and symbols, and avoid using easily guessable information like birthdays or names.
Two-Factor Authentication (2FA): Enable 2FA wherever possible. This adds an extra layer of security by requiring a one-time code sent to your mobile device or email when logging in.
Regularly Update Software: Keep your devices and software up to date to patch any vulnerabilities that cybercriminals might exploit.
Monitor Your Accounts: Regularly review your financial and online accounts for any suspicious activity. Report any unauthorized transactions immediately to your bank or the respective platform.
Beware of Phishing, Vishing, and Smishing: Be cautious of unsolicited emails, messages, or phone calls that ask for personal information. Verify the sender's identity before sharing any sensitive data.
- Phishing is when criminals send you a fake email to get your information, including your passwords.
- Vishing, or voice phishing, is when criminals make a fake phone call or an automated robocall.
- Smishing is when they send you a fake SMS text message.
Secure Wi-Fi Networks: Use secure, password-protected Wi-Fi networks when accessing your accounts, especially in public places.
Educate Yourself: Stay informed about the latest cybersecurity threats and best practices for online security.
Use a Password Manager: Consider using a reputable password manager to generate, store, and autofill your complex passwords.
Freeze Your Credit: Consider placing a credit freeze with the major credit bureaus to prevent new accounts from being opened in your name without your permission.

Account takeovers pose a real threat to individuals of all ages, but with vigilance and proactive measures, you can significantly reduce your risk. Protecting your financial well-being and personal information requires ongoing attention to online security practices.

ANATOMY OF A FAKE CHECK SCAM

Fake checks drive many types of scams- like those involving phony prize wins, fake jobs, mystery shoppers, online classified ad sales, and others. In a fake check scam, a person you don't know asks you to deposit a check-sometimes for several thousand dollars and usually for more than what you are owed- and wire some of the money back to that person. The scammers always have a good story to explain the overpayment- they're stuck out of the country, they need you to cover taxes or fees, you need to buy supplies, or something else. But by the time your bank discovers you've deposited a bad check, the scammer already has the money you sent, and you're stuck paying the rest of the check back to the bank.

The Federal Trade Commission receives tens of thousands of reports each year about fake checks. Over the last three years, the number of complaints has steadily increased, and so have the dollars lost.

The FTC's new info graphic developed with the American Bankers Association Foundation, offers some tip-offs to rip-offs and what to do if you get a check from someone you don't know.

Please share this information with others. Victims may be embarrassed to talk about their experiences, but you can help. A simple phone call, email or text, saying "Look what I just found" and sharing this information may make a difference in someone else's life.

Avoiding Cryptocurrency Scams

How to Avoid Cryptocurrency Scams!

Scammers are always finding new ways to steal your money using cryptocurrency. To steer clear of a crypto con, here are some things to know.

ONLY SCAMMERS DEMAND PAYMENT IN CRYPTOCURRENCY. No legitimate business is going to demand you send cryptocurrency in advance- not to buy something, and not to protect your money. That's always a scam.
ONLY SCAMMERS WILL GUARANTEE PROFITS OR BIG RETURNS. Don't trust people who promise you can quickly and easily make money in the crypto markets.
NEVER MIX ONLINE DATING AND INVESTMENT ADVICE. If you meet someone on a dating site or app, and they want to show you how to invest in crypto, or asks you to send them crypto, that's a scam.

Spot Crypto-Related Scams

Here are some common investment scams, and how to spot them.

A so-called "investment manager" contacts you out of the blue. They promise to grow your money- but only if you buy cryptocurrency and transfer it into their online account. The investment website they steer you to looks real, but it's a fake, and so are their promises. If you log in to your "investment account", you won't be able to withdraw your money at all, or only if you pay high fees.
An online "love interest" wants you to send money or cryptocurrency to help you invest. That's a scam. As soon as someone you meet on a dating app asks you for money, or offers you investment advice advice, know this: that's a scammer. The advice and offers to help you invest in cryptocurrency are nothing but scams. If you send them crypto, or money of any kind, it'll be gone, and you typically won't get it back.
Scammers guarantee that you'll make money or promise big payouts with guaranteed returns. Nobody can make those guarantees. Much less in a short time. And there's nothing "low risk" about cryptocurrency investments. So: if a company or person promises you'll make a profit, that's a scam. Even if there's a celebrity endorsement or testimonials from happy investors. Those are easily faked.
Scammers promise free money. They'll promise free cash or cryptocurrency, but free money promises are always fake.
Scammers make big claims without details or explanations. No matter what the investment, find out how it works and ask questions about where your money is going. Honest investment managers or advisors want to share that information and will back it up with details.
IF YOU SEE A TWEET ( OR A TEXT, OR OTHER MESSAGE ON SOCIAL MEDIA) THAT TELLS YOU TO PAY WITH CRYPTOCURRENCY, THAT'S A SCAM!

March 2025 Security Tip

Financial Scams to Avoid

Wire Transfer Scams

Wire Transfers can be a convenient way to send and receive money. That's why scammers find them so attractive.

Never Wire Money to Someone You Don't Know

This is the main advice when it comes to wiring money. If you don't know the person you're sending the money to- or if you haven't known them very long- simply don't do it. If you've sent money to a scammer by mistake, there's a good chance the money will be gone for good.

Signs of a Wire Transfer Scam

You're Unexpectedly Asked to Wire Money

Be cautious before wiring money- even if you're asked by the government, a good friend, or relative.

Calls from the IRS, for example, are often scams. Fake IRS representatives will threaten you with arrest or other consequences if you don't pay up. If you think you might owe money to a government agency, contact them separately to confirm. Otherwise, just hang up!

Your relatives can even be used as part of a scam. Scammers are very skilled at fooling people into thinking their own relatives are asking for money. They might call you from a familiar phone number and disguise their voice, claiming to be crying or sick. They may email you from a familiar email address/name. They might seem credible because they know details about your family that they have learned from the internet.

If you have any doubt, make sure you contact a relative separately to confirm the story. Don't listen to pleas to "not tell anyone". Remember, they are asking for your hard earned money!

You're sent a Check in Exchange for a Return Payment

Scammers will sometimes send a fake check-cashier's check, personal check, money order, etc.- and ask you to cash it and then send them the money.

Sometimes, they will say you have won a prize or the lottery, have earned an inheritance, can work from home, or can become a "secret shopper." Other times, you will receive a check as payment to something you were selling online. Either way, the check will be for more than they're asking in return. They'll say this is for processing fees and your time/effort pr that the extra payment was a mistake that they need refunded immediately.

Beware! The check is a fake. Don't attempt to ash it. Immediately cut off communication.

This is fake. You never need a confirmation code or money transfer control number to pick up wired money. If someone requests this info, you're being scammed.

You're Asked to Wire Money to Another Country

Typing or grammar errors are a common sign of foreign scammers attempting to get you to send them money. They'll have a convincing reason for their request- e.g., a grandchild is on vacation, etc. But there's almost no good reason to wire money without confirming the story first.

February 2025 Security Tip

The Latest Scams You Need to be Aware of in 2025

AI Scams

Generative AI tools generally get classified by the type of content they generate, such as text, images or videos. Scammers use them to enhance different types of popular scams.

Phishing and smishing: Scammers can use AI to write more convincing and natural-sounding phishing emails and text messages.
AI Images: Scammers can use AI generated images to quickly create eye-catching websites, social media ads, fake identification documents, explicit photos and fake headshots for social media profiles.
Deepfake videos: AI-generated videos might be created to promote fake products, services or investments. Scammers also might use deepfake recordings or real-time face-and body-swapping tools to trick victims into thinking they're someone else.
Fake and cloned voices: Scammers also use AI-generated or altered voices for their videos and for phone-based scams. Some AI tools can even mimic real accents.

2. Impostor Scams

Scammers almost always hide their identity, and imposter scams are one of the most common types of scams or fraud because the category is fairly broad. These happen when the scammer pretends to be a friend, relative, celebrity, politician, businessperson, government agent, delivery person or company representative.

Some types of imposter scams are so prevalent that they have their own name, such as the grandparent scam and romance scams. Now that scammers can use AI, it's more important than ever to be skeptical when someone contacts you, especially if they try to scare you or offer you a gift or investment opportunity.

4. Romance Scams

While romance scams aren't new, they remain a popular scam and are a prime example of how scammers can use generative AI to trick victims.

Scammers often steal someone's identity or create fake profiles on dating and social media apps to meet victims. There's no surefire method to detect a fake. Some will use AI to deepfake video calls, and some crime organizations even force people or hire models to conduct romance scams.

After gaining your trust, the scammer might ask you to buy them something, ask for m money or give you an investment "tip" that's part of the scam. Or, the person may "mistakenly" send you money and ask you to send it back or forward it to someone else. If your bank later determines that their payment was fraudulent, the sum of the payment will be subtracted from your account.

Many romance scams start with text messages, private messages on social media, or in dating apps. And they can target anyone-some scammers even seek to form platonic rather than romantic relationships.

"Accidental" Text Messages- Have you ever gotten a text message that seems genuine, but it also appears to be intended for someone else? It might say something like, "sorry I'm running late, I'll be there in 15 minutes". Not wanting to be rude, you respond to tell the sender they've got the wrong number.

These wrong number texts are often the first step in a romance or employment scam. Although there's sometimes a scammer on the other end from the start, scammers can also use AI messaging bots to target thousands of people at a time.

5. Phone-Related Scams

Scammers may contact you by phone, and some phone scams rely on smartphones' capabilities to access the internet and install malware. These phone-related scams include:

Robocalls: Robocalls have people's phones ringing nonstop with increasingly natural-sounding recorded voices. They may offer everything from auto warranties to vacations, or issue a threat to try and get your attention. Some robocalls can even respond to your questions using prerecorded or AI-generated messages.
Malicious apps: Scammers may try to get you to install a malicious app to steal your information. Or, they might create a nearly identical copy of an existing app and then make money from in-app purchases. Recently, there were reports of malware that could infect your phone and trick you into calling the scammer when you try to call your bank.
QR Codes: These convenient codes have gained popularity as a touchless option to do things like read a restaurant menu or make a payment. However, scammers place their QR codes in inconspicuous spots, and scanning the code could prompt you to make a small purchase or enter your credentials on a lookalike website. Some scammers even go as far as printing QR codes on letters that appear to come from government agencies and then mailing them out.
SIM swapping: This technique is used by a thief to reassign your number to a SIM card in a phone they control. They can then try to log in to your accounts using codes or links sent to your phone number. Contact your carrier to see if there are any security measures for stopping SIM swapping. Also, see if your accounts let you use a non-SMS multifactor authentication option, such as an authenticator app that scammers can't steal or access.
One-time password (OTP) bots: Some scammers use so-called OTP bots to trick people into sharing the authentication codes. The scammer might try to log in, prompting the bank to send you a one-time code. At the same time, the bot imitates the company and calls, texts or emails you asking for the code. The timing might convince you that the bot's request is legitimate. However, if you respond, it sends the code to the scammer, who can now log in to your account.

6. Cryptocurrency and Investment Scams

Cryptocurrency prices rocked after the presidential election, and cryptocurrency scams are sure to follow. These have taken different forms over the years, including scams involving fake prizes, contests, giveaways or early investment opportunities.

The scammers may impersonate celebrities or popular websites to lure victims into sending them money, sharing login information or "investing" in a project. Crypto exchange accounts have also been the target of the OTP bot attach technique described above to prevent you from getting your crypto back while the scammer drains your account.

7. Online Purchase Scams

Online purchase scams continue to be one of the riskiest types of scams, according to the BBB. Some scammers set up fake e-commerce stores and buy ads for the website on social media. Alternatively, scammers might list items for sale on online marketplaces, including social media platforms' marketplaces.

The scammers might take your money and never send anything in return. Or, they might be committing triangulation fraud and purchasing the item you bought with some someone else's stolen credit card. You might not realize you were part of a scam unless you try to return the item or use a warranty.

Always look for red flags such as too-good-to-be-true prices, lack of details or high-pressure sales tactics. Paying with your credit card can also help you limit potential losses, as you can initiate a chargeback of you don't receive a product or service.

2025 SPOTLIGHT: REFUND PHISHING

Some scammers figured out a new way to profit from stolen credit card information. Rather than focusing on stealing money from the card, they make a fraudulent purchase from a fake merchant whose name is a phone number or email. Victims call or visit the site to dispute the transaction, but they're phished-tricked into sharing personal and account information with the scammer.

8. Employment Scams

Employment scams use enticing, and hard-to-detect, lures to target people who've been out of work. Some scammers take a slow approach with interviews and a legitimate-seeming operation. They then collect personal information from your employment forms, or tell you to buy equipment or training.

Other scams get right to the point and promise guaranteed or easy income- if you purchase their program. Sometimes, a fake employer sends a large paycheck and asks you to send the "extra" back- a play on the popular overpayment scam.

You may come across job opportunities that involve receiving money and sending funds to another account, or receiving and reshipping packages. These "money mule"" and "reshipping mule" jobs are often part of an illegal operation, and you could be personally liable.

9. Check Fraud

Criminals have been breaking into mailboxes and robbing mail carriers to steal mail and look for checks. If you mail a check and it's stolen, they might create a counterfeit check and use it to withdraw money from your account.

Your bank or credit union will often reimburse you, but it could take a long time and cause money problems while you wait. It might be best to avoid writing and mailing checks altogether. If you have to send a check, some pens, such as Uni-Ball pens with Super Ink, claim to stop check washing. That still won't protect against some other types of check fraud, though.

How to Avoid a Scam

While scammers' delivery methods and messaging can quickly change, a few basic security measures can help protect you from the lates and most common scams:

Be skeptical when someone contacts you. Scammers can spoof calls and emails to make it look like they are coming from different sources, including government agencies, charities, banks and large companies. Don't share personal information, usernames, passwords or one-time codes that others can use to access your accounts or steal your identity.
Don't click unknown links. Whether the link arrives in your email, a text or a direct message, never click on it unless you're certain the sender has good intentions. If the message says it's from a company or government agency, call the company using a number that you look up on your own to confirm its legitimacy.
Be careful with your phone. Similarly, if you suspect a spam call, don't respond or press a button. The safest option is to hang up or ignore the call entirely. You can look up the organization and initiate a call if you're worried there may be an issue.
Update your devices. Software updates may include important security measures that can help protect your phone, tablet or computer.
Enable multifactor authentication. Add this to any accounts that offer it as an option, and try to use a non-SMS version to protect yourself from SIM swapping.
Research companies before taking any actions. Before you make a purchase or donation, take a few minutes to review the company. Do a web search for its name plus "scam" or "reviews.
Don't refund or forward overpayments. Be careful whenever a company or person asks you to refund or forward part of a payment. Often, the original payment will be fraudulent and take back later.
Look for suspicious payment requirements. Scammers often ask for payments via cash, wire transfer, money order, cryptocurrency or gift cards. These payments can be harder to track and cancel than other forms of payment, which can leave you stuck without recourse.
Create a family password. Create a family password that you can all use to verify that it's really one of you on the phone, and not someone who created a deep faked video or cloned voice.

January 2025 Security Tip

IRS Warning about Phishing and Smishing Scams

The Internal Revenue is warning taxpayers to be aware of evolving phishing and smishing scams designed to steal sensitive taxpayer information.

With taxpayers continuing to be bombarded by email and text scams, the IRS warned individuals and businesses to remain vigilant against these attacks. Fraudsters and identity thieves attempt to trick the recipient into clicking a suspicious link, filling out personal and financial information or downloading a malware file onto their computer.

Phish or smish: Don't take the bait

The IRS continues to see a barrage of email and text scams targeting taxpayers and others. These schemes frequently peak during tax season but they continue throughout the year. Taxpayers face a wide variety of these scams and schemes. And tax professionals, payroll providers and human resource departments remain favorite targets of email and text scams since they have sensitive personal and financial information.

That means taxpayers and tax professionals should be alert to fake communications posing as legitimate organizations in the tax and financial community, including the IRS and state tax agencies. These messages arrive in the form of unsolicited texts or emails to lure unsuspecting victims to provide valuable personal and financial information that can lead too identity theft. There are two main types:

Phishing: An email sent by fraudsters claiming to come from the IRS. The email lures the victims into the scam with a variety of ruses such as enticing victims with a phony tax refund or threatening them with false legal or criminal charges for tax fraud.
Smishing: A text or smartphone SMS message when scammers often use alarming language such as " Your account has now been put on hold:, or "Unusual Activity Report:, with a bogus "Solutions" link to restore the recipient's account. Unexpected tax refunds ar another potential lure for scam artists.

Never click on any unsolicited communication claiming to be the IRS as it may surreptitiously load malware. It may also be a way for malicious hackers to load ransomware that keeps the legitimate user from accessing their system and files.

In some cases, phishing emails may appear to come from a legitimate sender or organization hat has had their email account credentials stolen. Setting up two-factor or multi-factor authentication with their email provider can reduce the risk of individuals having their email account compromised.

Posing as a trusted organization, friend or family member remains a common way to target individuals and tax preparers for various scams. Individuals should verify the identity of the sender by using another communication method, for instance, calling a number they independently know to be accurate, not the number provided in the email or text.

The IRS initiates most contacts through regular mail and will never initiate contact with taxpayers by email, text, or social media regarding a bill or tax refund.

December 2024 Security Tip

Cryptocurrency Investment Fraud

Cryptocurrency investment fraud is one of the most prevalent and damaging fraud schemes today.

Scammers, through various means of manipulation, convince victims to deposit more and more money into financial "investments" using cryptocurrency. In truth, these investments are fake; all victim money is under the control of-and ultimately stolen by-criminal actors, usually overseas. As a result, victims typically lose all money they invested.

The Process

The Selection of the Victim

Scammers use a variety of methods to initially lure and contact victims. Here are some of the most common methods.

Social Media: Scammers use social media to reach out to victims directly-messaging them- or indirectly through deceitful job advertisements or investment opportunities that can be found on all main social media platforms.
Texting: Scammers text victims pretending they mis-dialed a number, sending a photo of themselves, or saying they work for a company that is hiring for job opportunities.
- Red Flag: Once the victim agrees to continue communicating, it's common for the scammer to ask to move their messaging to another platform including WhatsApp or Telegram- e.g., "Hey, do you have WhatsApp, let's talk there." They may use a different phone number from the one the victim may have been contacted by initially.

2. The Building of Trust

Once initial communication has been established, scammers seek to deceive victims about who they are (their "persona") and what they want (their "desires") to forge trust with the victim. Tactics vary but below are common characteristics of cryptocurrency investment fraud scammer personas:

Excessive flattery
Empathizing with, often suffering from, similar life events as the victim (e.g., if a victim is going through a divorce then the scammer may be going through a divorce, too).
Suffering from a hardship that requires help from the victim.
Sharing pictures, often selfies, of themselves.
Offering to meet in person but making those meetings contingent upon the victim accomplishing a task (e.g., we can meet once you raise enough money)
Expressing a strong romantic interest in the victim.
Agreeing to some video conference calls but preferring instead to speak over text.

3. The Pitch

Once trust is established with victims, criminals introduce the topic of investing. It's common for scammers to say they themselves- or people in their family or close network- are experts in such investments. They may promise they can bring the victim in on "the ground floor." Types of investments can vary, however common ones include binary trading, liquidity mining, and gold futures.

4. The Initial Investment

Once the scammer convinces the victim to participate in their scheme, the scammer will instruct the victim how to invest the money, as follows:

Open a cryptocurrency account at a reputable exchange.
Transfer money from a traditional bank account to the new cryptocurrency account.
Convert the money-now hosted on the cryptocurrency exchange- to the cryptocurrency type the scammer specifies, e.g., Bitcoin, Ether, Tether.
Open an account on the "investment platform" provided by the scammer or an individual group that the scammer directed the victim to.
Deposit the cryptocurrency to the investment platform either directly or through a private wallet.

Investment Platforms: Note that these "platforms" exist in the form of what appear to be traditional websites, either accessible via the web or through a specific browser only accessible via cryptocurrency applications. Common factors include:

Registration using an email address or a phone number.
Two-factor authentication (e.g., a phone number + an email address) to log in.
A website name that closely mimics- or "spoofs"- a legitimate site.
A professional-looking site design that shows the portfolio in an appealing manner.
A customer support portal used to communicate about investments and withdrawals.

DID YOU KNOW?

SCAMMERS MAY USE DEEPFAKE TECHNOLOGY AND/OR HIRE REAL PEOPLE TO ENGAGE WITH YOU ON THE PHONE. EVEN IF THEY'RE REAL PEOPLE YOU'RE SPEAKING TO, THEY COULD BE PART OF THE SCAM.

Cryptocurrency Job Scams

Cryptocurrency job scams begin when scammers, masquerading as employees of legitimate companies, recruit victims and require them to deposit their own money in order to complete the job.

5.The "Growing" Investment

Once the victim starts to "invest", returns shown on the investment platform will appear to be extremely lucrative, encouraging the victim to invest more and more. It is common in the early stages for the scammers to allow victims to withdraw not only the original deposit but the earnings as well. This meant to trick victims- a means to reassure them that the platform is legitimate. Scammers use various means to "sweeten the pot", or encourage further investing. Examples include:

"Matching" - Providing their own funds to the victim's portfolio to help the victim reach an (arbitrary) investment goal.
"Scarcity"- Stating that returns or investment opportunities are only available in a short time period.

6. Taxes. Fees. and the End of the Scheme

Once the victim is ready to withdrawal all their earnings, they will find their account frozen and an arbitrary requirement will arise, usually in the form of paying "taxes" or "fees" to unlock their funds.

This is a trap: it is simply another method used by the scammers to try and convince victims to invest even more money.

It can be a particularly devastating point in the scheme, as victims will often pay more money to unlock their funds than any amount they previously deposited. At this point, there is usually nothing the victim can do: the scammers will never unlock the funds and it's likely they have already withdrawn those funds into criminally controlled cryptocurrency wallets inaccessible to the victim. In the end, the victim loses all the money they deposited to the scheme.

November 2024 Security Tip

11 COMMON ZELLE SCAMS & SIGNS TO LOOK FOR

Zelle can make money transfers quick and simple. While this benefits the legitimate users, it also makes it easy for scammers to send and receive funds before victims realize they have been duped.

1. Account Takeover Scams

Account takeover scams involve unauthorized access to victim's accounts, often by cybercriminals obtaining sensitive information through deception. A compromised account can lead to identity theft, which has multiple lasting effects, and Zelle business account scams may lead to lost revenue and other complications.

Here's how Zelle scams generally work and what they look like:

Phishing attempts: Scammers initiate contact pretending to be a trusted institution ( like a bank or Zelle itself). This could be via email, text messages, social media,or phone calls. They manipulate individuals into providing sensitive information such as username, passwords, or one-time codes.
Account takeover: Once scammers have the necessary information, they access the victim's account without their consent. For Zelle, this would generally involve the unauthorized transfer of funds to an account controlled by the scammer. Since Zelle is designed for instant money transfer, the stolen funds may be immediately accessible, making recovery by the victim more difficult.
Mule accounts: Scammers might transfer stolen funds to money mules- individuals who, wittingly or unwittingly, transfer illegal funds on behalf of others. These transfers can conceal the money trail, making it harder for authorities to track the stolen funds.

2. Facebook Marketplace scams

Facebook Marketplace scams on Zelle often require payment for goods or services. Scammers use Facebook's wide reach and the instant-payment feature of services like Zelle, to defraud unsuspecting buyers or sellers. Here are common Facebook Marketplace scams and how they might unfold on Zelle:

Buyers: Potential buyers may rush a transaction, often with a sense of urgency or an appealing story for why they can't meet or pay in person. They suggest Zelle, promising to send the money right away. After the seller provides their details, the scammer sends a fake payment confirmation.
Sellers: Once a buyer expresses interest in a fake product or service listing, the scammer insists on payment through Zelle, emphasizing the urgency of the sale or some other believable reason for not using traditional payment methods. After receiving the payment, the scammer disappears, never sending the item.

3. Customer service scams

Customer service scams on Zelle exploit customer's trust in the platform's legitimacy. Scammers impersonate customer service representatives and manipulate victims into sending money or revealing sensitive information by phone scams and may also reach out via email. Here's how these scams typically operate and what they might look like for users:

Fake customer service numbers: Scammers create and disseminate fake customer service numbers through fake support web pages or social media accounts. When a person calls these numbers, they reach a scammer posing as a customer service representative, offering assistance with the person's financial queries or issues.
Phishing emails or texts: Victims receive phishing emails or texts impersonating Zelle or their bank, stating a problem with their account or payment. The message urges the recipient to contact customer service via a provided link, email, or phone number, which is controlled by the scammers and where they will request personal information.

4. Lottery and prize scams

Zelle payment scams, including lottery and prize scams, exploit the desire for quick gains. Scammers contact potential victims, claiming they've won a substantial lottery, sweepstakes, or prize. However, to access these non-existent winnings, the scammers instruct victims to pay various fees, taxes, or security deposits. These scams generally look like:

Deceptive winning announcements: Scammers contact victims with exciting news that they've won a lottery or prize, often using official-looking documents or fake endorsements to appear legitimate.

Urgent payment requests: To claim their winnings, scammers instruct victims to pay fees, such as processing charges or taxes, using Zelle. The scammer stresses immediacy, exploiting Zelles' instant transfer feature and urging quick action for time-sensitive transactions.

5. Romance scams

Romance scams are when a scammer creates a fake romantic relationship to deceive their victim into sending them money. Scammers often target victims on dating sites, social media, or other digital platforms.

Romance scammers invest time in building a friendship, sharing personal details, and, eventually, expressing love, all while concealing their true identity and motives. These scammers may also use leaked pictures and profiles from victims of identity theft. That's why it's so important to learn what to do if your identity is stolen. These scams often involve:

Urgent needs: Once scammers establish trust, they fake crises and urgent financial needs. These might include medical emergencies, travel expenses, legal troubles, or investment opportunities.
Request for funds: The scammer suggest using Zelle for the money transfer. They might justify this by claiming they can't receive funds through other means due to their current crisis or logistical issues.
Ghosting: After receiving the money, scammers might cut off all communication, leaving the victim confused and betrayed. Alternatively, they might continue the relationship to milk more funds.

6. Investment scams

Investment scams om Zelle are when scammers reach out to potential victims via email, social media, phone calls, or other platforms, presenting fake investment opportunities that could end with you losing money or even the title to your home. These could range from stocks, real estate, and cryptocurrencies to other unconventional investment platforms. Here's what they look like:

Building credibility: Fraudsters often build credibility by showcasing financial knowledge, providing fake credentials, or fake testimonials. They may use jargon and show plans to convince the victim of their investment expertise and the opportunitiy's legitimacy.
Pressure to invest via Zelle: Scammers pressure victims to make immediate investments using Zelle. They often claim that immediate payment is necessary to secure a position in the investment, guarantee a specific return rate, or take advantage of a limited-time opportunity.
Money loss: The scammer might provide false updates about the growth of the investment, encouraging more investments. Alternatively, they may disappear entirely.

7. Rental scams

Rental scams on Zelle exploit individuals looking for housing. These scams prey on basic need, and Zelle's immediate transfer feature can make the recovery of funds nearly impossible, here's how these scams typically unfold:

Fake rental listings: Scammers create compelling, often too-good-to-be-true listings for apartments or homes. Scammers list these rentals at competitive rates to attract more victims. The rentals are fake or a copy of legitimate ads.
High-pressure tactics: Scammers pressure victims with claims of high demand and urgency, pushing them to make quick decisions. They might say that many people are interested in the property, pressuring potential renters to secure the place by sending a deposit or the first month's rent immediately.
Avoiding in-person meetings: Scammers come up with excuses to avoid meeting in person or showing the property, often citing reasons like being out of the country, the property being currently occupied, or health concerns. They might provide extensive details, pictures, and even a fake lease agreement to make everything seem legitimate.

8. Employment scams

Employment scams involving Zelle prey on job seekers by offering fake employment opportunities to defraud them of money or personal information. Here's how these scams typically play out:

Fake job listings: Scammers post attractive job offers on legitimate job-seeking websites or social media platforms or send them directly to potential victims via email. These positions often offer favorable conditions, such as work-from-home options, high salaries, or minimal experience requirements.
Conducting fake interviews and job offers: Scammers may conduct interviews, often through online platforms or email correspondence. These interactions mimic legitimate hiring processes, deceiving the victim into belieiving a genuine company is hiring them. After a seemingly successful interview, the scammer extends a fake job offer to the victim.
Financial pretext: Scammers may claim that the victim needs to pay for training materials, work supplies, initial background checks, processing fees, or other job-related costs. They may request payment through Zelle.

9. Charity scams

Charity scams on Zelle fake charitable organizations or falsely use the name of a legitimate charity. These scams often arise during times of crisis, such as natural disasters and pandemics. When involving platforms like Zelle, the scam typically unfolds in the following manner:

Solicitation: Scammers reach out to potential donors through various channels. These can include email blasts, social media posts, phone calls, or even text messages. They will often exploit recent events that garnered a lot of media attention and an emotional response, knowing that people are more likely to donate during these times.
False narrative: Scammers pose as representatives of either non-existent charities or real organizations. They create convincing narratives about the charity's goals, the urgency of donations, and the impact of contributions.
Urgency and emotional appeal: Scammers capitialize on the emotional impact of the event they're exploiting, insisting that any delay will have dire consequences. They aim to prompt an impulsive decision to donate.

10. Concert and event ticket scams

Ticketmaster scams for concerts and events involve the sale of fake tickets or non-existent tickets. They are often for popular events and concerts that sell out quickly and where many people are desperate to find tickets. Scammers exploit this urgency and the fans' trust using platforms like Zelle. Here's how these scams generally unfold:

Advertising fake tickets: Scammers post advertisements or send messages offering tickets to sold-out events, highly anticipated concerts, or popular sporting events. These tickets may appear to be premium seats, VIP packages, or standard entry at an attractive price. They list these offers on social media and fake website that mimic legitimate ticket sellers.
Creating a sense of legitimacy: To appear legitimate, scammers often provide detailed information about the seats, including section, row, and seat number, and may use images or replicas of real tickets.

11. Family and friends impersonation scams

Scammers can impersonate family and friends on social media as a part of a scam to request money from victims through Zelle. They create a time-sensitive crisis, insisting on secrecy and using Zelle for immediate funds transfer. Here's what they generally look like:

Unexpected contact: Victims receive a call, email or text message from someone claiming to be a friend or family member. The scammers typically claim to be in a dire situation, such as being stranded while traveling, in a hospital, in jail, or in another emergency scenario.
Crafting a believable scenario: Scammers use information they can gather from social media or personal information breaches to make their story more believable. Alternatively, they might pose as an authority figure, such as a lawyer or a police officer, claiming to represent a friend or family member.
Urgency and secrecy: They insist they need money immediately to resolve their emergency- perhaps for bail, hospital bills, car repairs, or a plane ticket home. They might plead with the victim not to tell anyone else in their family or friend group, supposedly out of embarrassment or fear, further isolating the victim from potential reality checks.

October 2024 Security Tip

7 Peer-To-Peer Payment Scams And How to Avoid Them

What is a P2P Payment?

A P2P Payment is a digital money transfer made between two individuals without the need for a traditional banking system. Instead, these transactions happen online using a website or mobile app.

Popular platforms like PayPal, Venmo, Cash App, Google Pay and Zelle have made it easy for people to send and receive money online almost instantly. Whether its splitting a dinner bill, paying rent or just sending a gift, P2P payments offer a convenient solution.

7 Common Peer-to-Peer Payment Scams

While P2P apps make transferring money easy, there are scammers out their aiming to trick you. Here are a few scams to watch out for:

1. Phishing

Phishing is a tactic where scammers pretend to be a trustworthy entity, like a bank or payment platform, to trick you into revealing information like your passwords and credit card details.

When it comes to P2P scams, phishing might involve fake emails, texts or calls pretending to be from popular payment apps like Paypal or Venmo. The scammer might claim there's a problem with your account, and ask you to click a link or provide login details to "fix" the issue. Once you do, they can access your account, make unauthorized transactions or even lock you out.

2. Unauthorized Money Transfers

An unauthorized money transfer happens when someone moves money out of your P2P account without your permission. Its more a type of fraud than a scam, but it's still worth knowing about. For P2P platforms, unauthorized transfers can happen if a fraudster gains access to your account details, perhaps through phishing tactics or by stealing your login credentials.

3. "Accidental" Transfers

Imagine getting money in your P2P account you weren't expecting. The sender says "Oops, that was a mistake. Can you send it back?" Sounds fair, but sometimes, it's a scam.

"Accidental" transfers occur when someone claims to have mistakenly sent money to your P2P account and asks you to return it. In this scam, after you've sent the funds back, you'll often discover that the initial funds sent to you were from a stolen source or a fake account. By the time the P2P service identifies the fraud, the scammer has your money, and you could be held responsible for the funds you received.

If someone says they have accidently transferred money to you, don't send it back. Instead, contact the P2P platform to report the incident and let them handle it.

4. Impersonation Scams

Impersonation scams trick you into believing you're dealing with a trusted entity, like your bank or a P2P platform. A scammer might call, posing as a representative of that company, warning of "suspicious activity" on your account. They'll instruct you to send money, often to "verify" your account or "revers" a transaction.

5. Fake product or Service Purchases

When you buy a product or service online, you expect to get what you paid for, right? In a fake product or service purchase scam, fraudsters pose as legitimate sellers. They'll showcase appealing products or services, and once you're convinced, they'll request payment via a P2P app. After you transfer they money, they vanish, leaving you without the item or service you paid for. If this happens, reach out to the P2P provider and your bank if it's linked to the service.

6. Work From Home Scams

Imagine landing a seemingly perfect work-from-home job. Your new "employer" sends you a check to deposit, saying it's for supplies or training. Exciting, right? But then, they instruct you to send a portion of that money to someone else via a P2P service.

Here's the catch: the check they sent you is fake. By the time your bank identifies it as fraud, you've already sent the scammer real money from your account. You're left with a drained bank account and no job. Always be wary of job offers that ask you to transfer money, especially if they sound too good to be true.

7. Physical Access

Always be cautious when lending your phone to someone. In today's digital world, it can be akin to handing over your wallet, especially if you don't have the proper security features turned on.

How To Avoid P2P Scams

Now that you know about common peer-to-peer payment scams, here are some ways you can keep yourself safe.

Know Your Recipient

Sending money via P2P is a lot like handing over cash. Would you transfer money to a stranger? Probably not. So, never send or accept P2P payments from people you don't know. Make sure you trust the other person in the transaction.

Double-Check All Details

Mistakes happen. But with money, even small mistakes can be costly. Before hitting "send", double-check all details. This includes the recipient's name, email, phone number or any other identifier. A single wrong digit could mean sending money to the wrong person.

Stay Updated With the Latest Security Features

Scammers always look for easy targets. Don't be one. Regularly update your P2P apps. Modern apps come with data encryption and other security measures that act like a shield, keeping your money safe from fraudsters.

Take Immediate Action if You're Suspicious

If something feels off, trust your gut, If you spot any suspicious activity or get an odd request, notify your P2P platform and bank right away. Better to be safe than sorry.

Keep Your Information Safe During Customer Service Interactions

If you're talking to customer service on the phone, especially if they've called you, be careful. Scammers can pretend to be customer service reps to steal your info. Never provide sensitive details, like your password, over the phone. And always use the official phone numbers you find on the P2P vendor's website, your bank statement or the back of your card.-not a number someone else gives you.

Enable Alerts and Use Multi-Factor Authentication

Enabling alerts and multi-factor authentication (MFA) adds an extra layer of security to your P2P accounts. With alerts, you get an instant notification each time you make a transaction, so you can spot suspicious activity as soon as it happens.

And with MFA, even if a scammer gets your password, they'd still need a second form of verification, like a code sent via a text message, to access your money.

Proudly serving North Texas for over 130 years.

Who We are