Phishing Fraud during COVID-19
Financial organizations have seen an increase in phishing events during the COVID-19 pandemic. It is important that you understand phishing events and educate your cardholders. A phishing event is an attempt by a fraudster to steal a person’s data, mainly login credentials and card information. The fraudster then uses this information to process fraudulent card transactions or ATM withdrawals. Fraudsters often use social media or information bought on the Dark Web to initiate scams.
An example of a recent phishing attack:
- The fraudster gathers information from social media to make the scam more believable.
- Cardholder receives a phone call from the fraudster posing as a financial institution employee.
- Fraudsters often spoof phone numbers from the financial institution when contacting the victim, making it seem legitimate.
- Fraudster advises cardholder that they have fraud attempts on their card and they will receive a text with a case number.
- While on the phone, the fraudster will perform a transaction they know will generate a fraud alert.
- When the cardholder receives the case number, the fraudster asks for the case number over the phone so the card can be permanently blocked.
- Instead, the fraudster uses the case number to call into the SecurLOCK IVR and confirm the activity as valid, so they can continue to use the card fraudulently.
- The fraudster may suggest the cardholder transfer money into their checking account from savings to make it “safer,” thereby giving the fraudster access to more money.
- The cardholder thinks the fraud was caught and stopped, while the fraudster is busy committing more fraudulent transactions and stealing more money.
Educating cardholders is one of the best lines of defense in preventing phishing attacks. Advising cardholders on how your financial institution and FIS interact with them will mitigate losses due to this type of activity.
FIS will never contact the cardholder to ask for the following:
- Account Number/Card Number
- Social Security Number
- Online Banking Credentials
FIS will never advise a cardholder to transfer money or withdraw money. If any information concerning suspicious activity is texted to the cardholder, FIS does not call and ask the cardholder for the information. When cardholders call into SecurLOCK to validate suspicious transactions, FIS will request the case number to authenticate them. The cardholder should always reply NO to a text or email about transactions they do not recognize, no matter what direction has been given to them.
Email Scams from University Domains
Most universities provide students with email addresses from the university’s official domain. For example, a student's email address could be firstname[at]harvard[dot]edu. Since these email addresses use real university domains, cybercriminals try to gain access to student email accounts so they can use them for their own malicious purposes.
To start the scam, cybercriminals use social engineering to gain access to a student's email account. If they are successful, the cybercriminals will send you a phishing email from the stolen email address. The university email address makes the email appear more legitimate. The email states that some messages are being blocked from your inbox and provides a link to a spoofed login page. If you click this link and enter your login credentials, cybercriminals can use your login credentials to access your sensitive information.
Don’t let a university email scam trick you. Follow the tips below to keep your sensitive information safe:
- Even if the sender’s email address is from a trusted domain, the email could be fake. Cybercriminals can gain access to trusted domains to make their scams more believable.
- When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain spelling or grammatical errors.
- Never click a link in an email that you aren’t expecting. If the email claims that you have an account issue, log in to the organization’s website directly to verify the claim.
Watch Out for Bank Phishing Scams
Many people see email as a convenient and effective way to receive information. Popular banks have even started using email as a primary method of communication to send account updates to their customers. Now, cybercriminals are imitating banks in their phishing emails to try to manipulate you and steal your sensitive information.
To start the scam, cybercriminals send you an exact copy of a real bank email to appear legitimate. The email states that your bank is implementing new security measures that will affect your account. Then, the email provides a link that you can click for more information. This link will redirect you to a spoofed login webpage. If you enter your login credentials, cybercriminals will be able to use them to access your bank account and steal your money.
Follow the tips below to help you stay safe from similar scams:
- Before you click a link, always hover your mouse over it. Watch out for spelling mistakes or suspiciously long URLs that can hide a website's true domain.
- Cybercriminals often use urgent or alarming claims to trick you into clicking malicious links. Always visit the organization’s website directly to log in to your account.
- Enable multi-factor authentication (MFA) on your accounts when it is available. MFA adds a layer of security by requiring that you provide additional verification to log in to your account.
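The hover check from the first tip above, written out as an added example (not part of the original page): it reads a link the way a browser does and reports where it really leads. The domain `bank.example`, the 100-character threshold and the function name are assumptions made for illustration; the punycode check goes slightly beyond the tip to cover lookalike characters.

```python
from urllib.parse import urlsplit

# Assumptions for this example (not from the page): the bank's real domain
# and the length at which a URL is treated as suspiciously long.
EXPECTED_DOMAIN = "bank.example"
MAX_URL_LENGTH = 100


def link_red_flags(url, expected_domain=EXPECTED_DOMAIN):
    """Return the reasons a link's real destination is not the expected site."""
    flags = []
    parts = urlsplit(url)
    # hostname is lowercased and excludes any "user@" prefix and port
    host = (parts.hostname or "").rstrip(".")

    # "https://bank.example@other.test/" goes to other.test, not bank.example
    if parts.username is not None:
        flags.append("text before '@' is not the host")
    # The true domain is the END of the host name; what precedes it is a subdomain
    if host != expected_domain and not host.endswith("." + expected_domain):
        flags.append(f"true host is {host}")
    # Punycode labels can render as lookalike characters in the address bar
    if any(label.startswith("xn--") for label in host.split(".")):
        flags.append("punycode label")
    if len(url) > MAX_URL_LENGTH:
        flags.append("unusually long URL")
    return flags


# Constructed sample links (reserved .example/.test names, not real sites)
SAMPLES = [
    "https://www.bank.example/security-update",
    "https://bank.example.account-verify.test/login",
    "https://bank.example@secure-login.test/",
    "https://bannk.example/login",
    "https://www.bank.example.login.session.verify.account.update.secure."
    "customer.portal.auth.id4821.account-verify.test/login",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", link_red_flags(url) or "no red flags")
```

Only the first sample leads to the expected site; in the others the bank's name appears somewhere in the link, but the end of the host name is a different domain.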
Disaster Relief Scams
When a natural disaster strikes, many people rely on insurance providers for disaster relief to help them pay for damages to property. Unfortunately, cybercriminals can take advantage of this vulnerable situation by manipulating you into sharing sensitive information.
In a recent scam, cybercriminals call you and pretend to be an agent from your insurance provider. They use a spoofed phone number so the call seems legitimate. The cybercriminals claim that they need your personal information, such as your insurance account details, to reimburse you for damages. If you share this information with them, you won’t receive disaster relief. Instead, the cybercriminals can use your account details to impersonate you and steal your reimbursement.
Follow the tips below to keep your sensitive information safe from disaster relief scams:
- Verify that messages are legitimate before taking action. Contact the organization directly by using another line of communication.
- Never trust your caller ID. Cybercriminals can spoof phone numbers to impersonate someone else.
- Don't share personal information, such as insurance details, in an unexpected phone call. Instead, log in to your insurance provider’s website to share any necessary information safely.
Fake Cryptocurrency Job Openings on LinkedIn
Recruiters often use LinkedIn, a popular professional networking platform, to reach out to potential candidates about job opportunities. Unfortunately, cybercriminals send fake job opportunities through LinkedIn. Currently, they're taking advantage of the growing interest in cryptocurrency to send fake job openings at cryptocurrency organizations.
In this scam, cybercriminals send you a recruitment message about a job opening at a prominent organization in the cryptocurrency industry, such as Crypto.com. The message claims that positions are filling quickly and urges you to download an attachment to apply. However, if you download the attachment, you could also be downloading malware that can steal your sensitive information.
Don’t let a job opening scam trick you. Follow the tips below to keep your sensitive information safe:
- Watch out for a sense of urgency in messages that you receive. Phishing attacks rely on impulsive actions, so always think before you click.
- Never click a link or download an attachment in a message that you aren’t expecting.
- Verify any recruitment messages by viewing the job openings that the organization has posted from their verified LinkedIn account or on their official website. Submit your application directly through these posts.
Healthcare Reimbursement Phishing Scams
When you request a reimbursement from your healthcare provider, it may be completed through a third-party payment processor. These payment processors often offer direct deposit payments so you can get reimbursed as soon as possible. Unfortunately, cybercriminals can use social engineering to try to steal your reimbursement.
In a recent scam, cybercriminals are sending phishing emails that appear to be related to an active reimbursement request. The emails ask you to verify your request number and other identifying information to finish processing your request. If you provide this information, cybercriminals can use it to gain access to your account by verifying your identity. Then, they can update your direct deposit information to redirect payments to their own bank accounts.
Follow these tips to stay safe from healthcare claim scams:
- Never click a link in an email that you aren’t expecting. Contact the payment processor directly by using a known phone number or email address.
- Watch out for notifications that your account information, such as direct deposit information, was changed. Always enable multi-factor authentication (MFA) on your accounts when available. MFA adds a layer of security by requiring that you provide additional verification to log in to your account.