Imagine you’re waiting in line for coffee and your phone starts going off. You suddenly get two text messages, an email and a missed call – all from your bank saying they suspect fraudulent activity on your account. They’ve put a hold on your accounts for security reasons and urge you to contact them to unlock the accounts.
You want to follow up, but something doesn’t feel quite right.
Given the explosion in social engineering attacks like phishing, vishing or smishing scams, it’s wise to be skeptical of urgent and unexpected emails, phone calls and text messages you receive. The 2021 Data Breach Investigations Report (DBIR) notes that more than one-third (36%) of all data breaches involve phishing.
The pain of those breaches is real: The FBI’s Internet Crime Report found that phishing, vishing and smishing were the No. 1 reported cybercrime last year, costing victims more than $54 million in damages.
For the individual whose mobile device is getting overwhelmed, though, the question is often simple: “What can I do?”
Analysis by Cofense Intelligence found 70% of phishing incidents involve information stealers and keyloggers, which are types of malware programs that secretly gather information from your computer, enabling fraudsters to swipe your credentials.
A common phishing email scam involves a message saying there was suspicious account activity and, to unlock your account, you must provide personal information. Once you provide this information, the phisher can use it to clear out your bank accounts or make fraudulent purchases using your credit card. (A “smishing” scam follows the same logic, except the scammer’s mode of contact is via a text message.)
The most important thing to remember is this: Legitimate companies will never ask you to provide your personal information via email or text. They won’t call you and ask for it either. If you get such a message, immediately recognize it as a scam and delete it.
Financial institutions may notify you that they had to freeze your accounts based on suspicious activity, but then they’ll instruct you to unlock them. Rather than asking for your credentials, they’ll typically ask you to log into your online account over a secure internet connection to verify the transactions.
The moral of this story is if you ever get an email, text or phone call stating that there has been suspicious activity on an account, be on alert.
And remember that IdentityForce is always here to help monitor your identity and credit while providing you with the latest news and information in identity theft protection.