Could You Spot a Phishing Scam?
October 22, 2020
Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this age of online banking, the problem is only growing worse.
In fact, the Federal Trade Commission’s report on fraud estimates that American consumers lost a staggering $1.9 billion to these phishing schemes and other fraud in 2019 — and the ongoing pandemic has only increased the threat.
Imagine where we are in 2020. It’s time to put scammers in their place.
Online scams aren’t so scary when you know what to look for. And at Northwestern Bank, we’re committed to helping you spot them as an extra layer of protection for your account. We’ve joined with the American Bankers Association and banks across the country in a nationwide effort to fight phishing— one scam at a time. We want every bank customer to become a pro at spotting a phishing scam — and stop bank impostors in their tracks.
It starts with these four words: “Banks Never Ask That.” Because when you know what sounds suspicious, you’ll be less likely to be fooled.
Types of phishing scams
Scammers use an abundance of techniques to try and trick you into giving up your personal information. You’ve probably seen some of these scams before, but that doesn’t stop a scammer from trying:
1) Text message scams
If you receive a text message out of the blue, from someone claiming to be your bank, be suspicious. If the text asks you to sign in, click a link or offer up your personal information — it’s a scam. Banks never ask that. Delete the text immediately, and DO NOT respond or tap any links inside the text message. It's best to call your bank directly using an official customer service phone number.
2) Email scams
Watch out for unprompted emails that ask you to click a suspicious link, open an attachment or send account information. The sender may claim to be someone from your bank, but it’s a scam. Banks never ask that. Trash the email and whatever you do, DO NOT click or reply. The safest way to contact your bank online is through its official website.
3) Phone call scams
Would your bank ever call you to verify your account number or a security code? No! Banks never ask that. You may be asked to verify confidential information if you're the one who calls your bank first, but it never works the other way around. If you receive an incoming call from someone claiming to be your bank, the safest thing you can do is hang up and call your bank’s customer service number.
Sometimes, thieves will use a mix of scam texts, phone calls and emails to steal your information — all at the same time!
For example, let's say a scammer already has your contact information and is trying to access your accounts. If they guess your online password, now all they need is your security code to log in. To steal this, they'll call you pretending to be from the Bank's fraud department, and ask you to "verify" the PIN that was just texted to your phone. Don't fall for it. A security code or confirmation PIN is for your eyes only, and the Bank will never contact you out of the blue and ask for one.
Also: watch our for coronavirus scams
Scammers are also taking advantage of the fear and uncertainty surrounding COVID-19, posing as government or health organizations to steal your personal information. For more information on these schemes, read our blog on coronavirus-related scams.
Warning signs of a phishing scam
If you receive an email, text, or phone call asking for confidential information, it’s a definite red flag. Some phishing scams can be hard to spot, but here are some warning signs:
1) Someone you don't recognize
Look at the email address or phone number that sent the message. If you don't recognize it, or if it comes from a suspicious place that's not your Bank's official domain or number — that's a red flag.
2) Threats or false sense of urgency
Scammers prey on your sense or urgency, usually by including some threat — like "act now or your account will be closed," or "this offer only lasts for 24 more hours." Your Bank will never do this. If a message is full of threats, you can assume it's a scam.
3) Poor grammar or spelling
Professional companies would never send out emails littered with typos. Constant misspellings or unnatural use of language — these are clear indicators that a message is a scam.
4) Suspicious links
Always think twice before you click. Going to the wrong link could lead you to a spam site, or worse — you could download malicious software to your device. If a message looks suspicious, just delete it and contact your Bank using the official website or phone number.
What to do if you spot a phishing scam:
If you detect a phishing scam, it’s better to be safe than sorry. First and foremost, you should end the call, delete the text or trash the email. Next you should make your bank aware of the specific threat, because the more people who are warned about a particular scam, the better. Finally, report the incident at the FTC's consumer complaint website: FTC.gov/Complaint.
You can also stay up-to-date on the latest fraud prevention tips by subscribing to our monthly newsletter.
What’s your scam score?
October is National Cybersecurity Awareness Month, which means there’s no better time than now to boost your scam-spotting knowledge. Take the five-minute quiz at the ABA's scam-spotting website and become a scam-spotter pro! Share your scam score on Twitter for a chance to win weekly prizes, courtesy of the American Bankers Association. Each Friday in October the ABA will draw 15 winners. One lucky grand-prize winner will receive $1,000—will it be you?
Take the Quiz
This article was written in partnership with the American Bankers Association.