It’s October, and Halloween movies are streaming, including “It’s the Great Pumpkin, Charlie Brown.” In this TV classic, Linus was convinced the Great Pumpkin would deliver toys on Halloween. While his friends went trick-or-treating, Linus waited for the Great Pumpkin’s arrival. When a shadowy figure finally rose from the pumpkin patch early in the morning, a stunned Linus fainted. Turns out, it was just the costumed canine Snoopy pretending to be a World War I Flying Ace.
Have you ever been like Linus and so badly wanted something to be true, only to get something completely unexpected and disappointing? That recently happened to a longtime customer of mine. She came into the bank to initiate a wire, only to find out that the man she was sending money to was swindling her. Here’s how:
Claiming to be a computer repair technician and claiming to have repaired her computer, he charged her a fee for his service. She paid him, but he told her she overpaid, and that when he tried to put the extra money back into her account, he put too much. He said he “accidentally added a few too many zeros.” He asked her to wire him the excess and spoofed her account so it looked like she had the extra money.
Our customer truly wanted to believe this man didn’t have any bad intentions and that he was being honest. She was shocked to learn that she was close to becoming a victim of an overpayment scam. We didn’t allow the wire to be processed and were able to protect her from financial loss.
Fraudulent stories don’t often end like this, however. Every day in the U.S., thousands of people believe emails, texts and calls that promise money, services, relationships and more, only to find out that criminals have misled them and stolen their money or identities.
The best way to fight cyber-thieves is through knowledge. Because October is National Cybersecurity Awareness Month, I’d like to share how to recognize and react to scams, and what to do if you’ve become a victim of one.
4 Tips to Be Cyber-Aware and Stay Safe
1. Know how scam artists tell you to pay.
Most will entice you, or pressure you, to use a payment method that may be different for you, or one that’s unusual. In our customer story above, the “computer repair technician” requested the funds be wired to him. Scammers use wires because they know once the money is transferred, it’s gone, and that it’s very hard to trace if it went to a fraudulent account.
You should only wire funds to someone you know and trust. Likewise, you should never use digital payment services, such as Zelle® or Venmo®, to send money to a stranger.
Another way fraudsters ask people to pay today is via gift cards. In this type of scam, someone will tell you to pay them with one or more gift cards. They’ll usually pressure you into doing it quickly, saying you have to act or something bad will happen. Once you purchase the gift card, they’ll ask you to give them the gift card number and the PIN. As soon as you do, the money you loaded onto the card is gone and you cannot get it back.
If you ever get a request to pay via wire, gift card or other unusual method, stop before you do and talk to someone you trust. Call your bank. Talking through it can help you realize it might be a scam.
2. Know how scam artists “phish” for information.
Phishing scams are text, email and/or phone messages that appear to be from companies or people you know, such as your bank, but are actually from scammers. Phishing scams tempt you to share personal information (like a password or social security number) so the fraudsters can use that information to steal your money and/or identity.
Always remember that banks will never reach out to you via phone, email or text and then ask you to verify your identity by providing your:
- Account number
- Username or password
- Social security number
- PIN number
- Birthday
- The answers to your security questions
- A one-time code
- Address
If you receive suspicious texts, emails or phone calls, especially from a financial institution, asking for any of the above information, delete the text, trash the email or end the call. If you have questions about the messages, you should look up your institution’s main phone line and call them directly. Never reply to the sender of suspicious messages.
To help you learn more about phishing scams, Bank of Utah partners with the American Bankers Association every year for Banks Never Ask That!, a witty anti-phishing program. Throughout October, look for videos, quizzes and advice on our social media channels that teach you to spot fraud. You can even play the “Scam City” phishing video game on the Banks Never Ask That! website.
3. Know the security measures you should take to prevent fraud.
Don’t leave holes, or gaps, in your security features. Instead, incorporate the following security measures to protect your identity:
- When available, enable multi-factor authentication (MFA) for all of your accounts, such as your email, PayPal and Amazon accounts, etc. Think of MFA like adding a deadbolt. It requires you to input your password and a random code on your phone. The extra work required is a great deterrent.
- Use a passphrase – a sentence or random series of words – where possible. Length is key, the longer the better.
- Always use unique passphrases. A few dollars a month spent on a credible password manager, such as LastPass, Keeper or 1Password, is a great investment. Bonus: you only need to remember one passphrase.
4. Know what to do if you’ve been scammed, and do it immediately!
Scammers today are smarter and more sophisticated than ever. It’s easy to get lured in; I’ve even gotten emails and texts that made me stop and think, “Wow, that seemed legitimate,” knowing that it wasn’t.
If you’ve become a victim of cyber-fraud, your financial institution is there to help you. We want to help you. Contact us immediately. The sooner you do, the sooner we can attempt to recover your funds.
At Bank of Utah, we offer free Identity Theft Recovery Services to everyone who has a checking account with us and their qualified family members. We work with a recovery services partner, and will assign you a recovery advocate to help you with the challenging process of restoring your identity if it’s stolen.
A Final Thought
Looking back on the “Great Pumpkin,” it was actually filled with some pretty somber themes: Linus got disappointed and deserted in the pumpkin patch, his friend Charlie Brown wound up with a bag of tricks (rocks!), and Sally didn’t get one single Halloween treat because she waited up with Linus, her “Sweet Babboo”.
As we learned, bad things can happen to good people. Fortunately, it was just a cartoon, and all they lost was candy and a good night’s sleep. When it comes to cyber-fraud, though, bad things escalate quickly and can have dire consequences. Again, the more you know about fraud and how scammers work, the better defense you’ll have against it.
If you have any questions about fraud, reach out to any of our branch managers. You can also get more cybersecurity advice and information about the latest scams from Bank of Utah’s Financial Security & Education Center and Fraud Protection Resource Library.
Helen White is a former branch manager of Bank of Utah’s Tremonton branch. She worked at the Bank for more than 26, starting as an on-call teller and as branch manager for more than 15 years. Helen’s best friend is her husband. Her proudest accomplishments are their five children and 18 grandchildren.