Scammers may pose as businesses or people you know like your credit union, utility company, popular retail stores, phone provider, or even a friend or relative. They may ask you to send funds to yourself or others using mobile or online banking. They may spoof legitimate phone numbers to call or text to make the request more convincing. Scammers use different tactics to fall for their schemes. In some cases, they can be friendly, sympathetic and seem willing to help. In others they use fear tactics to persuade a victim.
Common Scams
Elder Fraud / Grandparent Scam
Seniors are often targeted because they tend to be trusting and polite. They also usually have financial savings, own a home, and have good credit—all of which make them attractive to scammers.
Criminals pose as a relative—usually a child or grand child—claiming to be in immediate financial need such as in jail or in trouble with law enforcement.
Money Mules
A money mule is someone who transfers or moves illegally acquired money on behalf of someone else.
Criminals recruit money mules to help launder proceeds derived from online scams and frauds or crimes like human trafficking and drug trafficking. Money mules add layers of distance between crime victims and criminals, which makes it harder for law enforcement to accurately trace money trails.
Money mules can move funds in various ways, including through bank accounts, cashier’s checks, virtual currency, prepaid debit cards, or money service businesses.
Some money mules know they are supporting criminal enterprises; others are unaware that they are helping criminals profit.
Money mules often receive a commission for their service, or they might provide assistance because they believe they have a trusting or romantic relationship with the individual who is asking for help.
If you are moving money at the direction of another person, you may be serving as a money mule.
Lottery and Sweepstakes Scams
Criminals claim to work for legitimate charitable organizations to gain victims’ trust. Or they claim their targets have won a foreign lottery or sweepstake, which they can collect for a “fee.”
Romance Scams
Romance scams occur when a criminal adopts a fake online identity to gain a victim’s affection and trust. The scammer then uses the illusion of a romantic or close relationship to manipulate and/or steal from the victim.
The criminals who carry out romance scams are experts at what they do and will seem genuine, caring, and believable. Con artists are present on most dating and social media sites.
The scammer’s intention is to establish a relationship as quickly as possible, endear himself to the victim, and gain trust. Scammers may propose marriage and make plans to meet in person, but that will never happen. Eventually, they will ask for money.
Scam artists often say they are in the building and construction industry and are engaged in projects outside the U.S. Some may say they are in the military and stuck overseas or a government employee. That makes it easier to avoid meeting in person—and more plausible when they ask for money for a medical emergency or unexpected legal, medical or travel fee.
If someone you meet online needs your bank account information to deposit money, they are most likely using your account to carry out other theft and fraud schemes.
Spoofing
Spoofing is when someone disguises an email address, sender name, phone number, or website URL—often just by changing one letter, symbol, or number—to convince you that you are interacting with a trusted source.
For example, you might receive an email that looks like it’s from your boss, a company you’ve done business with, or even from someone in your family—but it actually isn’t.
Criminals count on being able to manipulate you into believing that these spoofed communications are real, which can lead you to download malicious software, send money, or disclose personal, financial, or other sensitive information.
Phishing
Phishing schemes often use spoofing techniques to lure you in and get you to take the bait. These scams are designed to trick you into giving information to criminals that they shouldn’t have access to.
In a phishing scam, you might receive an email that appears to be from a legitimate business and is asking you to update or verify your personal information by replying to the email or visiting a website. The web address might look similar to one you’ve used before. The email may be convincing enough to get you to take the action requested.
But once you click on that link, you’re sent to a spoofed website that might look nearly identical to the real thing—like your bank or credit card site—and asked to enter sensitive information like passwords, credit card numbers, banking PINs, etc. These fake websites are used solely to steal your information.
Types of Phishing
Phishing has evolved and now has several variations that use similar techniques:
Vishing
Vishing scams happen over the phone, voice email, or VoIP (voice over Internet Protocol) calls.
Smishing
Smishing scams happen through SMS (text) messages.
Pharming
Pharming scams happen when malicious code is installed on your computer to redirect you to fake websites.
You see withdrawals from your bank account that you can’t explain.
You don’t get your bills or other mail.
Merchants refuse your checks.
Debt collectors call you about debts that aren’t yours.
You find unfamiliar accounts or charges on your credit report.
Medical providers bill you for services you didn’t use.
Your health plan rejects your legitimate medical claim because the records show you’ve reached your benefits limit.
A health plan won’t cover you because your medical records show a condition you don’t have.
The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for.
You get notice that your information was compromised by a data breach at a company where you do business or have an account.
How to Protect Yourself
Be weary of unfamiliar calls, computer messages, pop-up messages, texts or emails requesting personal information.
Be careful when posting personally identifiable information on social media. Enable security settings to limit what you share publicly.
Verify you are sending to a trusting recipient by calling a trusted or verified phone number from a recent bill or visit a local office.
Be cautious if pressured to respond on immediately; this is what scammers want you to do.
Scammers will ask you to pay in an unusual way such as gift card, pre-paid debit cards, bitcoin, and digital currency including CashApp, Venmo, Zelle, or Paypal.
Do not share login credentials nor account number; some scammers may convince you that you are owed money and may request your account information.
Never allow anyone to remotely access your computer nor mobile device. They may convince you that your device has a virus.
Stay proactive and keep yourself safe by following these steps. Enable a multi-factor authentication, make sure your software is up-to-date, use strong unique passwords.
