Typically when someone receives an unexpected call or text message that appears to be from their bank, and being savvy and wary of fraud and scams, one of the first things that they will do is Google the phone number that shows in the Caller ID to confirm that it really is someone from their bank who is calling or texting them. And that is why scammers who are committing bank fraud and phishing have become adept at spoofing their own Caller ID to make it appear to actually be coming from their target’s bank.
“How do they know what bank I use? Isn’t it just a crapshoot?” you may be wondering. Make no mistake, lists of hacked personal information that combine and match up the PII (personally identifiable information) from one hack with the PII from another so as to take a good guess at – if not to actually confirm – who you are, what your phone number is, and where you bank, are being bought and sold on the dark web as you are reading this.
We recently received this note from a reader who works as a bank fraud specialist, and who asked us to get the word out about this. Here is their note:
I work as a bank fraud specialist, and one scam that has been going around recently has cost our customers thousands of dollars, which have not, in most cases, been recovered.
It starts with a text message, claiming to be from the victim’s bank, asking if a charge for [amount, anywhere from $1000.00 to $3500.00] is authorized. When the victim responds, they then get a call from the scammer, posing as the fraud department of the victim’s bank. The victim is instructed to send money to “themselves” to keep it out of the hands of hackers. Terrified by this point, the poor victim follows the instructions, not realizing what has really happened until afterwards. The worst part about this scam is that the scammers are able to “spoof” the victim’s caller ID, so the number that appears will show up in a Google search as the number for their bank or even their bank’s fraud department. I’d like to see an article about this. It’s something people should know about.
Well, dear and helpful reader, here is that article; we appreciate your diligence, the warning, and your taking the time to share this information with us!
So what should you do if you receive an unexpected text message or phone call from someone claiming to be with your bank’s fraud department (or any other department for that matter)? First, do not respond to the text or call. Instead, call the number for your bank from the back of your credit card or a bank statement, or from the bank’s website. Remember, that old adage “Don’t call me, I’ll call you” goes doubly for financial institutions.