Protect yourself from identity theft and fraud

by Dan Cardi, Vice President and Corporate Security Officer, Community Bank NA They say knowledge is power, and when it comes to fraud, knowledge is powerful protection. The more you know about scams, the more likely you’ll be to spot and resist them. But where do you start? How do you know it’s a scam before it’s too late? Let’s talk fraud prevention. 

There are a few common types of fraud. The schemes keep evolving, but we still see variations of traditional hoaxes, like someone giving you a counterfeit check and asking you to forward the funds to them. Classic phone scams are ever present, too. We’ve all heard stories of a “grandchild” stuck overseas and needing funds urgently. But that’s just the tip of the iceberg.

Imposter scams can happen by phone, text, email, social media and chat. The common thread is a person pretending to be someone you trust pressuring you to send money or share personal information. These bad apples are good actors and can impersonate just about anyone, from an IRS auditor to a utility company representative, a tech support specialist to a person looking for a relationship on a dating app.

As texting has become second nature, there has been a significant increase in text and chat scams. You might have received messages claiming problems with a UPS delivery or a Costco order. We’ve received inquiries about texts supposedly from a “bank” — I’ve received them, too — containing links that redirect you to deceptive websites that closely resemble the genuine ones. If you attempt to log in, scammers gather your details for potential identity theft. My best advice? Stay vigilant!

Likewise, social media platforms, WhatsApp and gaming chats are inundated with counterfeit profiles, fraudulent friend requests, scams promising easy money and ticket sales, and invitations bearing malicious motives.

What about the lingo that goes hand-in-hand with fraud? You may have heard of phishing, vishing and smishing but don’t know what they mean. They’re just different forms of imposter scams. These are emails (phishing), phone calls (vishing) and texts (smishing) that seem to be from an authentic source — your bank, boss or Amazon, for example — with a made-up story about why you need to open a link or attachment or fork over money, gift cards or identifying information. Vishing often includes spoofing, which is making a phone number appear legitimate on caller ID.

In these scenarios, scammers attempt to coerce victims into meeting their demands, enabling them to redirect funds, install malicious software or entice individuals to websites where their credentials are harvested.

How do you know if someone is trying to scam you? Scammers use fear and urgency to get victims to act quickly without verifying the situation. So if someone says there’ll be a bad consequence if you don’t respond immediately, that’s a red flag. If the voice on the phone sounds “off,” put up your guard.

Similar to other criminals, scammers aim to avoid detection. This is why they request payments that are untraceable or non-refundable, such as wire transfers, digital payment platforms like Venmo and gift cards. Alternatively, they may ask for information that can be used for identity theft. Exercise caution if anyone insists on these forms of payment or requests sensitive information.

Phishing emails require extra vigilance. I’m a security professional and even I’ve been impressed by how authentic they can appear, right down to the correct company logo. We’ve had business customers receive invoices that look remarkably legitimate, so they pay them and ultimately find out that the payment was directed to a criminal’s account. If they had looked more closely at the link before clicking, they would have seen it went to the wrong website. We’ve seen people fall for scams that link to because they weren’t paying attention to the details.

So scrutinize every detail. This involves verifying the sender’s email address and phone number against the authentic ones, inspecting website URLs, hovering your cursor over hyperlinks to ensure they match the genuine web address, being attentive to spelling and grammar mistakes, and considering the tone of the message. Ask yourself if the sender would employ such language or come across as impersonal and coercive.

Remember, trustworthy institutions like Community Bank N.A. will never ask you to share your Social Security number, account numbers or password over email, text or the phone. If you’re not sure, call your local branch or the number on the back of your card. Community Bank or any Government agency will never ask you to use your own money to help with an investigation, ever. And remember, you accounts are insured by the FDIC!

I used to be a police officer and I’d tell people to be aware of their surroundings. The same advice applies to the internet and social media. Verify who’s around you and:

  • Regularly update passwords and refrain from using identical ones across various applications.
  • Steer clear of public Wi-Fi networks and USB charging stations.
  • Refrain from making payments, clicking links, opening attachments or installing software without verifying their authenticity.
  • Configure your email spam filters and social media privacy settings to the most stringent levels.
  • Use spam detection to mute calls from unknown numbers; genuine callers will leave a message, while spam calls can be blocked.
  • Exercise caution regarding the information you share on social media platforms.

If you think you’re being scammed, don’t interact or respond. Just hang up the phone or delete the email or text. It might not feel nice, but it’s the way to stay safe. If you’re not sure, look up the person or business’ contact information and reach out to them directly.