Scammers Have a New Way to Phish for Bank Account Information, Banker Says

A new phishing scam is hitting banking customers—and this time, the scammers make it seem like their messages are coming from the real customer service line or fraud prevention hotline.

The scam was revealed by wrestling announcer Lenny Leonard, who says that when he’s not calling body slams and sleeper holds, he’s a “mid-level executive with a very large financial institution.” In a Twitter thread, he details the new scam and how not to fall for it.

Leonard warned on Thursday that he had been called by a scammer who had spoofed the legitimate phone number to his bank. The scammer then sent a fraud alert using this number, asking if he recognized a certain charge.

In Leonard’s case, he says that when he told the scammer that he’d have to call them back, the scammer told him to look at the back of his debit card to confirm that they were calling from the same number. After telling off the scammer, Leonard says he called his bank and, sure enough, no legitimate alert had been sent, nor had any unusual activity been seen on his account.

Leonard told his followers how to not fall for the scam.

“If you EVER have someone CALL YOU and say they are your bank, do NOT provide any information like that over the phone on an INBOUND CALL,” he wrote. “Tell them you need to call them back & make sure you are dialing the number on the back of your card NOT a # they give you”.

“I would just urge everyone to make sure they are sharing this with their less tech savvy friends and family because the text I got looked EXACTLY like a prior text I had gotten from the bank my account is with,” Leonard told Newsweek.

A representative from Chase also confirmed that the company was familiar with the scam.

“Unfortunately, scammers target consumers from many banks. We urge all consumers to never share their banking passwords or send money to someone who tells them that doing so will prevent fraud on their account. Bank employees won’t call, text or email consumers asking for this information, but scammers will,” Amy Bonitatibus, Chase’s chief communications officer, told Newsweek.

While spoofing a phone number is common with scammers, often it’s a fake number as well, though Western Bank warns their customers that fake calls can come from a number they recognize.

The bank also lists a variation on the scam Leonard warns of. In the version Western Bank describes, a scammer spoofs the legitimate customer service number of the bank, like before. But this time, anticipating a response like Leonard’s, the scammer will ask the victim to call them back using the same number that’s on the back of the debit card—which is the same as the one they’re spoofing.

In this variation, though, they’ll leave the phone connection active, fooling the victim with a fake dial tone. Once the victim dials, the scammer “answers,” in hopes that the victim will be fooled into thinking the scammer is indeed a legitimate employee.

One way to thwart this is to remember that a real bank employee will already have your information. Never offer up important information like a bank account number. Instead, ask the bank employee if you can confirm their information by asking them to read off what they have.

In addition, banks will never ask for a PIN, a full Social Security number or a customer’s online banking username and password. Banks already have access to customers’ accounts, and when it comes to Social Security numbers, a legit bank employee will only ask for the last four digits to confirm.

By

Source: Scammers Have a New Way to Phish for Bank Account Information, Banker Says

.

More contents:

Woman With Missing Dog Gets Scam Texts Threats To Expose Affair to Her Wife

Accused Leader of GoFundMe Scam With Homeless Vet Sentenced to 27 Months

How ‘The Tinder Swindler’ Made This Woman Realize She Was Being Scammed

Phishing for phishing awareness”. Behaviour & Information Technology. 32 (6): 584–593. doi:10.1080/0144929X.2011.632650. ISSN 0144-929X. S2CID 5472217.

Phishing attacks and countermeasures”. In Stamp, Mark; Stavroulakis, Peter (eds.). Handbook of Information and Communication Security. Springer. ISBN 978-3-642-04117-4.

Internet Crime Report 2020″ (PDF). FBI Internet Crime Complaint Centre. U.S. Federal Bureau of Investigation. Retrieved 21 March 2021.

The Phishing Guide: Understanding and Preventing Phishing Attacks”. Technical Info. Archived from the original on 2011-01-31. Retrieved 2006-07-10.

The Big Phish: Cyberattacks Against U.S. Healthcare Systems”. Journal of General Internal Medicine. 31 (10): 1115–8. 2005). “A Leet Primer”. TechNewsWorld.

Security Usability Principles for Vulnerability Analysis and Risk Assessment”. Proceedings of the Annual Computer Security Applications Conference 2007 (ACSAC’07). Archived from the original on 2021-03-21. Retrieved 2020-11-11.

Susceptibility to Spear-Phishing Emails: Effects of Internet User Demographics and Email Content”. ACM Transactions on Computer-Human Interaction. 26 (5): 32.

Data Breach Investigations Report” (PDF). PhishingBox. Verizon Communications. Retrieved 21 March 2021.

Fifteen years of phishing: can technology save us?”. Computer Fraud & Security. 2019 (7): 11–16. doi:10.1016/S1361-3723(19)30074-0. S2CID 199578115. Retrieved 21 March 2021.

The Black Market for Netflix Accounts”. The Atlantic. Retrieved 21 March 2021.

Spear Phishing: Who’s Getting Caught?”. Firmex. Archived from the original on 2014-08-11. Retrieved July 27, 2014.

Hacking Gets Personal: Belgian Cryptographer Targeted”. Info Security magazine. 3 February 2018. Retrieved 10 September 2018.

RSA explains how attackers breached its systems”. The Register. Retrieved 10 September 2018.

Epsilon breach used four-month-old attack”. itnews.com.au. Retrieved 10 September 2018.

What Phishing E-mails Reveal: An Exploratory Analysis of Phishing Attempts Using Text Analyzes”. SSRN Electronic Journal. doi:10.2139/ssrn.3427436. ISSN 1556-5068. S2CID 239250225. Archived from the original on 2021-03-21. Retrieved 2020-11-02.

Threat Group-4127 Targets Google Accounts”. secureworks.com. Archived from the original on 2019-08-11. Retrieved 2017-10-12.

How the Russians hacked the DNC and passed its emails to WikiLeaks”

More Remote Working Apps:

https://quintexcapital.com/?ref=arminham     Quintex Capital

https://www.genesis-mining.com/a/2535466   Genesis Mining

 http://www.bevtraders.com/?ref=arminham   BevTraders

https://www.litefinance.com/?uid=929237543  LiteTrading

https://jvz8.com/c/202927/369164  prime stocks

  https://jvz3.com/c/202927/361015  content gorilla

  https://jvz8.com/c/202927/366443  stock rush  

 https://jvz1.com/c/202927/373449  forrk   

https://jvz3.com/c/202927/194909  keysearch  

 https://jvz4.com/c/202927/296191  gluten free   

https://jvz1.com/c/202927/286851  diet fitness diabetes  

https://jvz8.com/c/202927/213027  writing job  

 https://jvz6.com/c/202927/108695  postradamus

https://jvz1.com/c/202927/372094  stoodaio

 https://jvz4.com/c/202927/358049  profile mate  

 https://jvz6.com/c/202927/279944  senuke  

 https://jvz8.com/c/202927/54245   asin   

https://jvz8.com/c/202927/370227  appimize

 https://jvz8.com/c/202927/376524  super backdrop

 https://jvz6.com/c/202927/302715  audiencetoolkit

 https://jvz1.com/c/202927/375487  4brandcommercial

https://jvz2.com/c/202927/375358  talkingfaces

 https://jvz6.com/c/202927/375706  socifeed

 https://jvz2.com/c/202927/184902  gaming jobs

 https://jvz6.com/c/202927/88118   backlink indexer  https://jvz1.com/c/202927/376361  powrsuite  

https://jvz3.com/c/202927/370472  tubeserp  

https://jvz4.com/c/202927/343405  PR Rage  

https://jvz6.com/c/202927/371547  design beast  

https://jvz3.com/c/202927/376879  commission smasher

 https://jvz2.com/c/202927/376925  MT4Code System

https://jvz6.com/c/202927/375959  viral dash

https://jvz1.com/c/202927/376527  coursova

 https://jvz4.com/c/202927/144349  fanpage

https://jvz1.com/c/202927/376877  forex expert  

https://jvz6.com/c/202927/374258  appointomatic

https://jvz2.com/c/202927/377003  woocommerce

https://jvz6.com/c/202927/377005  domainname

 https://jvz8.com/c/202927/376842  maxslides

https://jvz8.com/c/202927/376381  ada leadz

https://jvz2.com/c/202927/333637  eyeslick

https://jvz1.com/c/202927/376986  creaitecontentcreator

https://jvz4.com/c/202927/376095  vidcentric

https://jvz1.com/c/202927/374965  studioninja

https://jvz6.com/c/202927/374934  marketingblocks https://jvz3.com/c/202927/372682  clipsreel  

https://jvz2.com/c/202927/372916  VideoEnginePro

https://jvz1.com/c/202927/144577  BarclaysForexExpert

https://jvz8.com/c/202927/370806  Clientfinda

https://jvz3.com/c/202927/375550  Talkingfaces

https://jvz1.com/c/202927/370769  IMSyndicator

https://jvz6.com/c/202927/283867  SqribbleEbook

https://jvz8.com/c/202927/376524  superbackdrop

https://jvz8.com/c/202927/376849  VirtualReel

https://jvz2.com/c/202927/369837  MarketPresso

https://jvz1.com/c/202927/342854  voiceBuddy

https://jvz6.com/c/202927/377211  tubeTargeter

https://jvz6.com/c/202927/377557  InstantWebsiteBundle

https://jvz6.com/c/202927/368736  soronity

https://jvz2.com/c/202927/337292  DFY Suite 3.0 Agency+ information

https://jvz8.com/c/202927/291061  VideoRobot Enterprise

https://jvz8.com/c/202927/327447  Klippyo Kreators

https://jvz8.com/c/202927/324615  ChatterPal Commercial

https://jvz8.com/c/202927/299907  WP GDPR Fix Elite Unltd Sites

https://jvz8.com/c/202927/328172  EngagerMate

https://jvz3.com/c/202927/342585  VidSnatcher Commercial

https://jvz3.com/c/202927/292919  myMailIt

https://jvz3.com/c/202927/320972  Storymate Luxury Edition

https://jvz2.com/c/202927/320466  iTraffic X – Platinum Edition

https://jvz2.com/c/202927/330783  Content Gorilla One-time

https://jvz2.com/c/202927/301402  Push Button Traffic 3.0 – Brand New

https://jvz2.com/c/202927/321987  SociCake Commercial https://jvz2.com/c/202927/289944  The Internet Marketing

 https://jvz2.com/c/202927/297271  Designa Suite License

https://jvz2.com/c/202927/310335  XFUNNELS FE Commercial 

https://jvz2.com/c/202927/291955  ShopABot

https://jvz2.com/c/202927/312692  Inboxr

https://jvz2.com/c/202927/343635  MediaCloudPro 2.0 – Agency

 https://jvz2.com/c/202927/353558  MyTrafficJacker 2.0 Pro+

https://jvz2.com/c/202927/365061  AIWA Commercial

https://jvz2.com/c/202927/357201  Toon Video Maker Premium

https://jvz2.com/c/202927/351754  Steven Alvey’s Signature Series

https://jvz2.com/c/202927/344541  Fade To Black

https://jvz2.com/c/202927/290487  Adsense Machine

https://jvz2.com/c/202927/315596  Diddly Pay’s DLCM DFY Club

https://jvz2.com/c/202927/355249  CourseReel Professional

https://jvz2.com/c/202927/309649  SociJam System

https://jvz2.com/c/202927/263380  360Apps Certification

 https://jvz2.com/c/202927/359468  LocalAgencyBox

https://jvz2.com/c/202927/377557  Instant Website Bundle

https://jvz2.com/c/202927/377194  GMB Magic Content

https://jvz2.com/c/202927/376962  PlayerNeos VR

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: