Wednesday, April 26, 2017

Spam, Shams and Other Scams: A Look at Today's Latest Threats

By Ken Otsuka, Sr. Risk Consultant

Phishing, smishing, and spoofing.... Without a doubt, scams and shams targeting credit unions and members are on the rise. And, fraudsters are attacking the path of least resistance - whether it's your credit union, your employees or your members.

A survey by Truecaller reports that individuals receive more than 22 spam calls and texts each month. And, 27 million Americans lost approximately $7.4 billion to telephone scams alone.

While it's difficult to tell how many calls come from fraudsters, their tactics are getting more crafty. They pressure victims to make important decisions on the spot by using innovative schemes and new twists on existing, age-old scams. And, today's multi-channel approach involving traditional mail, phone calls, emails, texts, online banking, and mobile technology complicates matters.

As weapons that fraudsters can use grow, so do the types of cons. A few of them include:
  • Phone Calls: These are designed to scam members into simply saying 'Yes.' Fraudsters record responses as a voice signature and attempt to make fraudulent charges and account changes.
  • Smishing: These data harvesting attempts come through fraudulent text messages. They often include malware, websites, and phone numbers to create an immediate threat or call to action.
  • Spoofing: These are cloned, fake websites that mirror actual financial websites. Watch out for misspelled words, low-resolution images and altered URLs.
  • Phishing: These are attempts to acquire sensitive financial information like user names, passwords and account numbers through email. They masquerade as legitimate communications from a members' financial institution.
In all of these cases – and many others - fraudsters look for victims who find their stories convincing and will willingly share sensitive information. The data can then be used to authorize and transact wire transfers, ACH, plastic card, counterfeit checks and other types of transactions.

Unfortunately, these transactions are often performed on a legitimate exchange platform; but, they're all based on fairy tales. One rule of thumb that should apply: trust your gut. If something doesn't feel right, follow up, inquisitively, to learn more. In some cases, refusing service due to a potential scam is the only way out.

To learn more about how your credit union can combat fraudsters, watch a special webinar (1 hr., 13 min.): "Spam, Shams, and Other Scams." The on-demand session includes our senior risk consultants, Robert Jarosinski and Ken Otsuka, who discuss recent fraud trends, how you can detect a scam, what to do if you encounter one and how you can reduce the impact to members.

Combatting fraud and scams in a dynamic environment is not easy. Protecting members is an even trickier proposition. So, educate your team. Know the scams. Spread the word. And stay vigilant.