You’re in the middle of browsing news on the internet and suddenly a large pop-up window flashes in the center of your screen: Warning! Security Alert! You freeze and your heart sinks thinking that now you’ve been infected with a crippling virus. Well, not yet. What you do next will determine if you will be or not.
If you take the (click)bait, you will be on your way to becoming the latest victim of one of the top online scams – known as a “tech support scam.” If you were to click through, following the instructions to “save” your computer, you might find yourself on the phone with an earnest-sounding “tech support person” who will ask to share your screen so they can help root out your problem. From there the fraudster will do any number of things: ask to check your online banking to see if there’s been theft (not yet), take a payment for malware protection service (adding a virus to your system), or download an app that protects your data (it won’t). And if the fraudster sees that you have a high bank balance, they might call you back in a month or so, and tell you they must give your money back and want you to watch them transfer the refund into your account. When the transfer comes in, it’s for $10,000 instead of $100. (They transferred from your savings to your checking- it’s your own money being ‘refunded”). The fraudster fakes a panic that they’ll lose their job, and asks for you to refund the money in the form of gift cards. And too many of us actually fall victim to this scam, all in the name of trying to avoid it in the first place by clicking on a warning. Sigh.
There are several rules of thumb that show up in the scam described above that we can use to avoid being victims. First, an unfamiliar pop-up window should just be closed. If you do suspect you may have a security issue, run your own virus protection check. Second, never share your screen with someone who contacted you. If you contact Apple tech support, for example, that would be alright. Third, never let anyone sharing your screen look at your financial information; there is simply no reason they would need it. Fourth, never pay back money in anything but the form it in which it was paid to you. Follow these rules of thumb and you can avoid the scam above and many others like it.
Another cyberscam that’s going around is the “Amazon” scam. In this subterfuge, the fraudster contacts you via email, phone, or with a text telling you there is something wrong with a delivery and to please call a provided number. Or it could be a charge to your account they are suspecting is a mistake. Either way, their goal is to have you click their link or call their number. At that point, they will attempt to “confirm” your personal information; it could be your credit card number, your sign in credentials, you name it. Their goal is to obtain your information so they can then use it for fraud. And they are getting clever: they are also doing what’s called “spoofing” which is masking their phone number to make it look like it is coming from Amazon or some other official address. They do the same with email and text addresses as well. And it’s not only Amazon they are impersonating; these fraudsters will impersonate FedEx and UPS as well. All in the name of getting a package to you that you likely didn’t even order!
Again, there are rules of thumb to follow that can help you avoid falling victim to these types of scams. First, if it’s an unfamiliar number, let them leave a message instead of picking up the phone. Then you can call back to an “official” number, and not the one they were calling from. The same holds true for texts and emails. Reply to the official customer service number for the business, or if it’s a credit card they’re looking for, call the number on the back of the card. Second, never give out your account sign in or credit card numbers to someone who has contacted you. If they are who they say they are, they would already have it. Third, take a hard look at the phone number, email address, or text reply address. When you go to reply, is it an odd looking address? Double check the website of the company before replying. Fourth, use common sense… did you even order a package? It’s surprising how many of us get caught up in the moment and default to trusting the party on the other end of the line. That is what the fraudsters are counting on – your good nature.
So don’t fall for it! The fraudsters are out there, and if you stick to a few common sense rules of thumb, you can thwart the “tech support” and “Amazon” scams and whatever else they think of next.
If you would like more information, especially as it relates to online financial scams, please visit our Security Page.