Picture this: last week, I’m waiting in line for coffee and my phone starts going off. Two text messages, an email, and a missed call from my bank alerting me to fraudulent activity on my account. For security reasons, they’ve put a hold on all of my accounts, and I need to call them to unlock the accounts. Something doesn’t feel quite right.
I visited my bank’s website and found their customer service number and called from there. As it turns out, this was a real alert, and I just had to verify two large purchases I recently made. I was so relieved, but then I started thinking about what would have happened if the emails and texts I received had been “smishing” or “phishing” scams. Imagine if that number had been a scammer, and I’d provided them with my personal information?
The truth is, this happens all the time, to people just like you and me. Commonly, phishing email scams involve a message saying there was suspicious account activity. And, to unlock your account, you must provide personal information to the caller or emailer. After you provide this information, the phisher will use it to clear out bank accounts or participate in fraudulent activity on your credit. A “smishing” scam follows the same logic, except the scammer’s mode of contact is via a cell phone text message.
Here’s the thing, though: legitimate companies will never ask you to provide your personal information via email. They also won’t call you and ask for it. In the case with my bank, the organization called to notify me that they had frozen my accounts, but they didn’t ask me to unlock them then and there. Instead, they encouraged me to log into my account and verify my purchases with a secure Internet connection.
The moral of this story, is, of course, if you ever get an email, text, or phone call stating that there’s been suspicious activity on an account, proceed with caution. Never click on the link provided in the email, and don’t call the phone numbers that they’ve provided, either. Instead, navigate directly to the organization’s website and call the customer service number listed there. Alternatively, you can call the number listed on the back of your bank or credit card.
An abundance of caution isn’t always enough: take further steps and put your number on the Do Not Call list, and setup your email inbox to filter out spam and phishing mail. And remember that IdentityForce is always here to help monitor your identity and credit, and provide you with the latest news and information in identity theft protection.
Image courtesy of Flickr user Widjaya Ivan.