October is National Cybersecurity Awareness Month, and whether we like it or not, we are all on the front lines battling digital scams.
Statistically speaking, each day thousands of people fall victims to fraud via emails, text messages, and phone calls. The Federal Trade Commission’s (FTC) report on fraud estimates that consumers lost a combined $3.3 billion to phishing schemes and other fraud in 2020. That number means the dollar output of fraud outpaces some entire industries.
Occurrences of phishing and other fraud only continue to grow. The 2020 number is nearly double the same figure in 2019. It seems that the pandemic has only increased the number of fraudulent activities as people look for alternative means of income.
A number of businesses and products have sprung up to combat the tide of fraud. The good news is that there are some great tools that can help prevent falling victim to phishing attacks. The bad news is that even expensive software solutions are far from foolproof in their approach. At the end of the day, awareness is the greatest weapon against phishing and other fraud schemes. Knowing what to look for can make all the difference in those critical moments after you receive a phishing email or text message.
Here are three signs that a phone call or text message is a scam:
- The email address or phone number that sent the message is unfamiliar. When reading an email, it’s easy to assume that the sender is legitimate. However, training yourself to verify the sender’s email address can save you a lot of grief by performing a relatively painless and quick check. The vast majority of phishing emails do not arrive from a spoofed, or faked, email address. Instead, they are often sent from other email addresses that the scammer has compromised. An email address with a strange domain name from another country is often a quick indicator that something is not right. If the email or text message sender is strange to you, delete it.
It’s also very easy to sign up for a text message service or email service and forget. Many services send those automated alerts from a random number or email. However, if you have no history from that email address or phone number, then that’s another simple sign that you at least need to proceed with caution.
If you do receive one of those urgent messages via text or email from an unknown sender, a simple call to a trusted and previously established contact number can erase any confusion. These numbers can be located on the back of a debit card, for example, or can be found on the website.
- Avoid so-called short URLs or links that otherwise make a pressing issue go away with a click. The marketing world abounds with the use of short URLs, which are clever and memorable ways to share website links. They make use of unique domains and often have a play on the brand’s name or other associated phrase. The links make it easy to fit into character limits in messages and via social media.
They’re also a great way for the bad guys to hide a web address that might otherwise be a huge red flag in a text or email message.
There are a myriad of free or cheap services that offer these short URLs, so take nothing for granted when presented with one. Scammers will spoof existing short URLs that a company uses, or come up with their own clever ones. Avoid these links, especially when they come in emails or text messages. It will always be better to go directly to the company’s website than to ever follow these links. If you never click on one of these links, then you won’t fall victim to the tactic.
- Avoid messages that make you want to click. Scammers are intelligent and crafty in their approach. Most phishing messages, whether sent via email or text message, present a pressing issue that must be addressed quickly, often by just clicking a link. Scams include everything from false transaction reports, to suspicious login activity, on to impersonation attempts of law enforcement officers. All of these methods, and those in between, seek to generate an emotionally-driven response that causes you to click without thinking.
You may be worried about the money that already appears to be leaving your account with a suspicious charge notification, only to click right into a phishing trap. Resist the emotions that make you want to click and cause your stomach to drop. Instead, stop and think logically about the issue. Would my bank really send this sort of message? How can I be certain this is from them? Instead of clicking, call the number on the back of your debit card to verify the transaction.
The single largest takeaway from dealing with phishing scams is to slow down and think. Never respond in fear, anger, or any other emotion that drives a quick response. In hindsight, the details surrounding even some of the better phishing attempts can be obvious after the fact. Strange senders, suspicious links, or overly-pressing alerts seem like definite scams with a clear mind, but seem much more concerning in the heat of the moment. This is why training yourself with the right tactics ahead of time will save you the time, money, and effort of working to clean up the mess later.
With First Palmetto Bank, you can rest easy knowing that there are built-in fraud prevention methods like EMV chips with our debit cards. However, in an increasingly digital world with more online transactions than ever, the chances of fraud taking place online are also higher than ever. That’s why we have certain protections for our customers who notify us when they fall victim to fraudulent charges and help limit liability when notified in a timely manner.
If you are concerned about fraud pertaining to your account, please contact us and avoid clicking on any automated warnings or links. If your account indeed encounters fraudulent charges, then we can help you.