Phishing is the attempt of stealing a person’s data by a fraudster, mainly login credentials and card information. Fraudsters will then use this information to perpetrate fraudulent transactions. They will often use social media or information bought on the Dark Web to initiate scams.
Fraudsters will use information from social media to make the scam sound more believable. They will also spoof the financial institution’s phone number when contacting the cardholder to make it seem legitimate.
The following is an example of the recent Phishing Attack:
The fraudster gathers information from social media to make the scam more believable. Then, the cardholder receives a phone call from the fraudster posing as a financial institution employee. Fraudsters often spoof phone numbers from the financial institution when contacting the victim, making it seem legitimate.
The fraudster advises the cardholder that they have fraud attempts on their card and they will receive a text with a case number. While on the phone, the fraudster will perform a transaction they know will generate a fraud alert. When the cardholder receives the case number, the fraudster asks for the case number over the phone so the card can be permanently blocked. Instead the fraudster is using the case number to call into the SecurLOCK IVR and validate the activity as valid, so they can continue to use the card fraudulently.
The fraudster may also suggest the cardholder transfer money into their checking account from savings to make it “safer,” thereby giving the fraudster access to more money. The cardholder thinks the fraud was caught and stopped, while the fraudster is busy committing more fraudulent transactions and stealing more money.
As a reminder, SecurLOCK will never ask for the following information:
- Account Number/Card Number
- Social Security Number
- Online Banking Credentials
Also, SecurLOCK will never suggest transferring money from one account to another. If any information concerning suspicious activity is texted to the cardholder, SecurLOCK does not call and ask the cardholder for the information. When cardholders call into SecurLOCK to validate suspicious transactions, SecurLOCK will request the case number to authenticate them. The cardholder should always reply NO if they are unaware of the transactions in question received via a text or email, no matter what direction has been given to them.
If you have any questions, please contact
The Advantage Network at 605-335-5113.