Fraud schemes tend to spike during holiday season, so to help protect yourself, here are the most common types of fraud you'll encounter and some tips on how to avoid becoming a victim.
Types of fraud
- Phishing is when fraudsters send emails appearing to be from reputable companies in order to trick you into revealing personal information, such as passwords and credit card numbers.
- SMiShing (SMS phishing) is the act of attempting to acquire personal information such as passwords and details by masquerading as a trustworthy entity through SMS text messages on cell phones. SMiShing messages may come from telephone numbers that are in a strange or unexpected format with links directing to fake websites. A typical SMiShing occurrence can begin with a cardholder receiving a text message inquiring about a suspicious transaction on an account. In reality, the fraudster is looking to obtain other information from you such as debit/credit card numbers, CV2 codes, expiration dates, PINs and other web login credentials.
- Vishing is the telephone equivalent of phishing. Scammers use the telephone to get you to surrender private information that will be used for fraudulent purchases or identity theft.
- Brute Force schemes: these are attempts to crack a password or username, find a hidden web page, or find the key used to encrypt a message using a trial-and-error approach to guess correctly. This is an old attack method, but it's still effective and popular with hackers as they work, whether to crack a single card number or complete BIN.
- Skimming: scammers use hidden electronic devices to scan and store credit and debit card numbers and PINs. ATMs and some unattended terminals, such as gas stations, are targets for this practice.
How can you stay protected?
Be Skeptical. Always.
It's best to immediately question the authenticity of calls, texts, and emails. Here are some warning signs of scams that you can watch for.
- Text messages that ask for card numbers, PINs, codes on the back of your card, or expiration dates.
- Vague reference of a “merchant” transaction. Details should always be included.
- Hyperlinks to unknown websites. Remember to look for the .bank domain in the address.
- Phone numbers as hyperlinks. Criminals who have your card details or other personal information may spoof (mimic) the bank phone number to fool you into thinking text messages are from our fraud department.
- Deals that are too good to be true. Trust your gut. If it seems like a great deal, question it!
- Donation pressure: a legitimate charity will welcome donations whenever you choose, but fraudsters will pressure you to make it immediately.
- People who accept donations/payments with gift cards or wire transfers.
Arm yourself with tools to help you stay safe.
- Talk with your personal banker to make sure your current mobile number is on file so that we may issue text messages when suspicious activity is detected. You can learn more about two-way texting by reading this blog article.
- Explore the safety features and manage your debit card(s) with your PWSB Mobile app. With these tools, you can turn your own card on or off, or set restrictions on transactions by type, location or amount. You can also set notifications for transactions by type, location or amount. Read more on the two tools on our blog by clicking here.