X

Send us a Topic or Tip

Have a suggestion for the blog? Perhaps a topic you'd like us to write about? If so, we'd love to hear from you! Fancy yourself a writer and have a tech tip, handy computer trick, or "how to" to share? Let us know what you'd like to contribute!

Thanks for reaching out!
black keyboard with fraud prevention key

Phish Tales: Don’t Be Scammed by Faux Fraud Alert Emails

There’s a new type of business scam, and it’s much more believable than those that came prior. It is a form of business impersonation. Business impersonation scams are growing as a whole. The FTC reports that the number of scams involving business impostors has skyrocketed in 2021, jumping up to 94,874 reports this year already – eclipsing government impersonation scams as the most prevalent type of fraud today. But this particular con is especially nefarious. So, what’s the new post-COVID big scary business impersonation scam?


The Fake Fraud Scam

Let me take you on a journey. Say you get a phone call saying your account had a suspicious charge. The ring is from a reputable company that you do business with – PayPal, your bank, your credit card provider, Social Security. When you call back the number to dispute the charges, they ask for your information to look up your account. They say they need access to your computer to confirm, so you give them log-in details. You resolve the charge and hang up the phone. The following day, all of your accounts are wiped.

Sound too freaky to be true? It’s happening every day. Check out this poor man’s song of sorrow. Modern scammers are impersonating businesses to gain access to your data. The phone calls come from a reasonable number, with someone who sounds like a company agent on the line. The fake fraud scam is one of the most believable ones they’ve come up with yet. So how do you know if the fraud alert email or phone call is real or if it’s a masquerade intended to forcibly separate you from your hard-earned cash?


How to Sniff Out Illegit Fraud Claims

Blue credit card on computer keyboard on a phish hook - fraud alert email scam

Part of the challenge in identifying a fake fraud charge is that banks, third-party payment providers, credit card companies, and government organizations do need some personal information to access your account. However, no legit organization will ask for a full social security number or your password to your computer. Different phishing scammers need different levels of information to hack into your financial accounts, so even information such as your birthday, the last four digits of your soc, and more can leave you in a position to be scammed.

If you have even an inkling of a feeling that a fraud charge call or fraud alert email might be fallacious, your best bet is to immediately call the number on the back of your credit card. Or get the number of the company calling you from your statement or web search. Bottom line? Never call the number left to you in an email or voicemail and then give them your personal info. 


Curtail Fraud Alert Scams at the Start

The people that are the most likely to be frauded are those that spend the second least time online. The demographic reporting the most fraud is age 60-69, comprising 19% of all reported fraud thus far in 2021. As fraud-alert scammers get smarter and their phishing grift gets more convincing, it’s important to reach out to your older family members to give them a heads up. Information is the best method of prevention when it comes to strategies scammers use to separate us and our loved ones from our money.

Have you experienced a strange form of fraud that our readers should know about? Spread the word! Reach out to us in the comments, and we may be in touch to interview you for an upcoming article for Rocket Yard Blog.



Jasmine Glasheen
the authorJasmine Glasheen
Contributing Writer
Jasmine Glasheen is Senior Copywriter. She's a writer, speaker, and retail and technology thought leader. Glasheen is a leading voice on what comes next, sharing her insights in retail magazines, news sites, tech blogs, and eBooks.
Be Sociable, Share This Post!

Leave a Reply

Comment

Name

18 Comments

  • This post longer than the maximum the posting system accepts, so I have broken it into two successive posts.

    PART 2 OF 2

    I called the Fraud Departments of both of my cards to complain that this scammer somehow was able to get my up-to-the-day current balance. One bank canceled my card and will Fed Ex a new one to me, which should arrive in 2 days. The other bank put a fraud alert on my account (which was all I wanted, since I don’t want to be without both cards). I then changed the passwords to log into each of those accounts. Later, I checked both accounts, and there were no unauthorized charges to either.

    Your name, address, and phone number are available on the internet. Credit card account numbers, expiration dates, and security codes are also available, since most merchants get them when you make a credit charge (unless you are using the new Apple Card at a retail terminal or have gotten a One-Time number from your card company), and that information can be accessed by lots of employees. But my current balance?

    Maybe the call was legit and the agent was simply upset that I had wasted his time. Both bank fraud departments said they had no idea how he got my current balance, but maybe they are unaware of other deals their bank is involved in. In any case, it is much safer to not divulge any information to any unsolicited contact–phone, email, mail, or any other. If you think the offer is real and you are interested, call the bank yourself using a phone number you know does go to the bank. Missing a low probability of a good deal is much better than having to fix an almost certain fraud.

  • This post longer than the maximum the posting system accepts, so I have broken it into two successive posts.

    PART 1 OF 2

    I received a phone call offering to reduce the interest rate on my credit cards to zero. I get several of these calls a week and know they are spam phishing calls, but I play along to waste their time so they can’t be scamming someone else. Wasting their time is the only weapon we have against these scammers, and I know they are dishonest scammers because they violated the Federal Do Not Call law by calling me.

    However, this one was different!

    He asked me for my bank, my card balance, and expiration date. I told him one bank name and made up a fake balance of about $10,000 and fake expiration date. He then asked for my credit card number.

    I wouldn’t give him my credit card number and said, “This is a call out of the blue, so I don’t know who you are. You may be just trying to find out my credit card number. You say you are with the credit card company and are offering to lower my interest rate because I have good credit, so you must have access to my account–you tell me what my card number is.” At that point, the line went dead, which is the usual occurrence when the scammer realizes he is wasting his time (although often he first gets verbally abusive). But a minute later, the phone rang again, and a different person asked why we were disconnected. I said I assumed they had disconnected. He then picked up from where the other guy had left off.

    He told me the first 4 digits of my card number. I replied he was wrong (which he was). He then said he could prove he was from Cardholder Services and works with all credit cards because he could tell me my current balances–which he then did on each of my two cards from different banks. He was correct on both, right up to today’s balance.

    It shocked me that he knew my balances. I said, “If you have access to my accounts, you can see that I pay off my balance in full every month, so I don’t need a zero interest. He replied that if I now miss a payment I would be charged $5,000. I said, “What are you talking about? What $5,000 charge?” He said I had agreed to take the offer and if I now did not pay my balance off in full, I would be hit with a $5,000 charge. I replied, “Now you have proven this is a scam. I did not sign up for your offer and you can’t charge me $5,000.” He then threatened to make a $5,000 charge now and hung up.

  • Is there a character count limit on these posts? When I click “Post Comment,: it opens a new web page that says, “You don’t have permission to access “http://eshop.macsales.com/blog/wp-comments-post.php” on this server.
    Reference #18.2d746268.1631387966.19d62cf8″

    I don’t want to rewrite it over an over, shortening each time, to find one that works. If there is a character count or word count, say so following the “LEAVE A REPLY” heading.

  • For the record, PayPal never asks users to install screen sharing programs to obtain refunds of fraudulent charges.

  • Just received a call the other day about my Amazon account and an order that needed to be confirmed. I did not respond to the call and hung up. A follow up email was sent to me that day that shoed Amazon customer service. I clicked on the site and noticed at the same time a suspicious email address. However, I read the email and it did not make sense since I had not placed an order that week. I reported it as a phishing scam to msn.

  • I’ve gotten two of these possible scams from Individuals posing as PayPal representative employees. One used the name Robin Cherry and the other used from PayPal Dept. and both used gmail.com as their return contact. I do not use PayPay as a way to pay for my items that I order on-line. I did not call the contact number posted.

  • Just use common sense; the less common of the senses. Never ever give your access credentials to anyone. Never ever click a link to enter your credentials (or check that it is genuine placing the mouse pointer over it to show the true real link). Ever. That easy!

    • “…(…check that [the link] is genuine placing the mouse pointer over it to show the true real link).”

      Sadly, this can only be done on a laptop/desktop….there is no way to do this on a cell phone, which is what more and more people rely on. :-(

  • We just received a mailed letter from Citibank, saying they were trying to reach us to send $715 of unclaimed property. The letter was very formal, no grammatical errors, claimed the amount was a refund from 2017. They had my husband’s name and address, and wanted him to send back a signed and notarized letter “proving” it was him. They didn’t ask for any other personal information, but the only Citi account we had was my Costco card. So I called Citi using my account information. The representative contacted their fraud department as well as managers, even did an account search under my husband’s social, a determined there was no such “refund” tied to any Citi account. Still aren’t sure what the scammer would gain by obtaining his signature but we weren’t going to find out. Most disturbing was that I found hundreds of people searching online to determine whether these letters were legit, and no one responded in the negative, and Citi fraud seemed to know nothing about it!

  • Okay, so here is a variation on the scam that you have described. To assure you that the call is legitimate, the caller will tell you to immediately hang up and call the 800 number shown on your credit card. That MUST be legit, right? Except that they do not hang up at their end. When you pick up to call the 800 number, they are still on the line and so your call does not go through. Instead, you hear a ringing signal THAT THEY ARE PLAYING THROUGH THE OPEN LINE. Then, they “answer” your call, you think it is really the bank and then they get all the information that you think is protected.

    • Good thing to point out. The key to that is very easy… when you hang up, be sure to hang up long enough for the call to actually be disconnected. A call will not stay connected forever if one party hangs up.

      Of course, this works far better with landlines than cell phones. One more reason we still have a landline.

      A bit a a side note…. one thing I hate about cell phones is that none of the apps makes it easy to verify the actual email or url in messages. ON a computer, you can hover your mouse over the email or url and see the real email or url. There is no equivalent on a cellphone AFAIK. I do not understand why no one has provided solution or this.