Estimated read time: 4-5 minutes
This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.
OGDEN — While the pandemic is wreaking havoc with the health of millions around the world, cybercriminals are also trying to take advantage of beleaguered consumers by targeting their bank accounts.
The American Bankers Association this month is launching an industry-wide effort to combat online fraud aimed at individual consumers and their banking activities. The “Banks Never Ask That” campaign was developed to inform consumers about the ongoing risk of phishing scams perpetrated by criminals worldwide.
The Federal Trade Commission estimates phishing schemes cost consumers almost $1.9 billion last year, with the global pandemic only adding to the threat.
“We’ve had customers that have been targeted with phishing campaigns related to the pandemic and the election, also with regards to government programs tied to the pandemic like (Paycheck Protection Program) loans,” said Brian Stevens, senior vice president of information technology at Bank of Utah.
“Basically, anytime there’s something that’s notable going on and people might be interested in or that impacts their lives, fraudsters are going to use that as an opportunity to try to instill some urgency in their victims and try to get them to do something (immediately).”
The goal of this campaign is to help people see the pattern of phishing, specifically that banks are never going to try to create a situation where a consumer is triggered to give out their account username and password, he said. The campaign uses videos and animated GIFs, along with consumer tips on social media and in local bank branches to help consumers spot bogus bank communications that ask for sensitive information.
Because cybersecurity education and fraud awareness can frequently be glossed over by consumers, the campaign uses humor to try to be more memorable, a news release states. Campaign advertising asks questions that banks would never ask such as, “Do you believe in aliens?” alongside sample phishing questions that banks would never ask, such as, “We’ve spotted some unusual activity on your account, can you please verify your username and password?”
“Every day we see new phishing scams targeting business owners and consumers that can catch people unaware and lure them into sharing personal information and ultimately paying money to a fraudster,” Stevens said. “If a person’s computer does get compromised through phishing, we often see hackers picking up on an existing transaction between the hacked person and his or her bank, or between a hacked business and a vendor.”
He said in either case, hackers sends emails impersonating the victim asking the bank to transfer money or asking a vendor to make a payment for services to a fake account.
“Most of the time when we get involved our customer has been tricked into giving their bank username and password to someone,” he said.
Stevens warns consumers to never share their bank username, password or Social Security number by email or phone with anyone, and if you receive a request for payment from a vendor that seems unusual, call someone you know and trust at that organization to verify the legitimacy of the request.
“We can’t stop people from clicking on fraudulent email links, so we’re trying to educate people as much as we can to realize the pattern,” he added.
Stevens noted that scammers have learned how to entice potential victims of all ages, thereby widening their pool of potential targets.
“We do see a lot of young people being victims as well. Usually, that’s more related to schemes that are ‘get rich quick,’ where they’ve found ads for work from home by surfing internet,” he said. “(It’s) where someone is tricking them into becoming a money mule, which is someone who is unknowingly running money through the bank to launder it for someone who’s stolen it from somewhere else.”
Typically the younger generation who are more comfortable with technology are targeted with big money schemes, but they don’t realize they’re helping someone commit fraud. However, with people who are less comfortable with technology, they are usually targeted with more email fraud scams, he added.
Stevens also noted that cybercriminals are very smart and spend all of their time trying to come up with clever ways to trick consumers into taking the virtual bait.
“It’s not a part-time job for these guys, this is their job. They’re doing this all day every day and they’re gonna adapt just like everyone adapts every day at their job to what presents itself,” Stevens said. “These are really smart individuals that are using a lot of automated tools and they just spend their time being creative and figuring out what’s going to trigger the right behavior.”
“They don’t need to be right all the time. They can send thousands and thousands of emails, they just need to get one person who is either anxious about the contents of the email or not giving enough attention to what they’re reading or looking at,” he said. “They just need to catch them in a weak moment.”
