The internet has become an essential tool for everyone, especially during the pandemic. According to Pew Research Center, 90% of Americans say the internet is essential or important to them, and 40% are using the internet in new ways, including for online transactions.1
The number of U.S. digital bank users is expected to exceed 200 million in 2022, which is more than 75% of the population.2 With the increase in online banking is an increase in online bank scams. From January through April of 2021, digital fraud attempts were up 25% compared to September through December 2020.3
The rise in online fraud accompanies the increase in online transactions. With the pandemic and recurring lockdowns, consumers have found themselves trapped at home. That means more online shopping and sending out for groceries, meals, and other goods. More businesses are embracing e-commerce, and many vendors are even insisting on card-only in-store transactions to limit physical handling of currency.
Not surprisingly, there has been an uptick in online fraud and cybercrime as well. According to a study by the Association of Certified Fraud Examiners, 51% of organizations report an increase in fraud, and 71% expect to see the level of fraud increase in the next year.4 And the nature of online bank scams is changing as well. Cybercriminals are becoming more subtle and smarter in their tactics to steal your money.
COVID-19 has made fraudsters smarter.
To avoid becoming a victim of an online bank scam, take the time to educate yourself and know what to look for:
Phishing continues to be the most common form of cyber scam. Phishing is when an attacker sends you a fraudulent message to trick you into surrendering personal information or downloading malware. What has changed is the sophistication of the attacks. Attackers are now taking the time to study their victims and develop more targeted messages from vendors people recognize, such as Microsoft, Google, Apple, PayPal, and others. In one week in April 2020, Google reported blocking 18 million COVID-related phishing and malware emails per day.
Unlike scammers in the past, online scammers are now taking the time to study their victims to look for patterns. Learning more about their intended victims makes it easier to create more credible phishing messages. Cybercriminals will pretend to be your bank, credit union, or favorite retailer. It's common to receive a message designed to throw you into a panic, such as “Your account has been compromised,” in hopes of getting you to react without thinking. Once a fraudster gains access to your bank account, they learn more details about you they can use in other ways.
Account Takeover (ATO)
In 2022, you can expect to see an increase in account takeovers (ATOs). Once a fraudster acquires personal information or login credentials, they take over the account, changing your password and even gaining control of other accounts such as mobile or email accounts. Hackers are using more sophisticated technology and even artificial intelligence to perpetrate ATO fraud.
Authorized Push Payment (APP)
As mobile banking and smartphone use increase, so have real-time transactions, which has led to an increase in authorized push payment (APP) fraud. With APP scams, the scammer uses popular payment apps such as Venmo, Cash App, or PayPal to trick the consumer into making a real-time transfer of money. Most APP systems are linked to your bank account or credit card, and once the money is transferred, the transaction cannot be reversed.
Cryptocurrency and Related Scams
People still fall for get-rich-quick schemes, and with fraudsters targeting victims by lifestyle and demographics, there are more victims. Often, scammers use social engineering techniques to convince victims to take advantage of low-risk, high-reward offers. Cryptocurrency scams have become particularly popular because they promise high returns and are poorly understood. Crypto scammers stole $14 billion in 2021, according to one report.
The classic online scams are still out there. Fraudsters still send out messages purportedly from your bank or credit card company asking to clarify a transaction or update an account. You will still see emails informing you that you won a contest you have never heard of. You will hear from scammers who claim to have compromising personal information they will send to your friends if you don’t pay them. And you will still hear from foreign “government officials” asking for help getting money out of their country.
Common sense is your best defense.
While the crooks behind online bank scams are getting smarter, you can protect yourself by using common sense. If you stop and think before responding to a phishing message or sharing personal information, you can save yourself a lot of heartaches. Here are some basic rules to remember:
- Does the offer seem too good to be true? If it sounds too good to be true, then it is. Any offer of free goods or services or telling you that you are a winner is sure to be an attempt to steal personal information.
- Do you know the sender? Even if a message looks like it is from your bank or someone you do business with, it could be a scam. Fraudsters are very good at creating emails that look legitimate. Check the sender address to make sure it’s not from a spam list or an anonymous account.
- Do they offer a click-through for a response? Unsolicited emails with embedded links could be an attempt to get you to click on a link that will infect your system with malware. If you think an offer is legitimate or want to verify your account, don’t click on the link in the email. Instead, open your web browser and open your account manually to make sure you are visiting the right account destination.
- Does an offer ask for personal information? Never provide personal information online such as your name, address, Social Security number, or birthday unless you are sure of the party making the request.
- How do they ask to pay? If the offer asks for payment in advance or is asking for a direct funds transfer or bank transfer, then be suspicious. Funds transferred from your bank account or a direct payment transfer can’t be recovered. If you use a credit card and the transaction is found to be fraudulent, the credit card company may reimburse you for any losses.
In addition to applying common sense, also be vigilant. Monitor your online bank accounts and credit cards, and watch for suspicious or unauthorized transactions. Also, monitor your credit score and check the credit reports regularly to make sure there is no unauthorized activity or new accounts. You can always protect yourself from fraud or identity theft using credit monitoring. You can place a fraud alert on your credit report, or you can implement a credit freeze to prevent someone from accessing your credit information.
Anyone can become a victim of an online bank scam. Be conscious of how you use your credentials online and how you handle online financial transactions. It also pays to have the right financial institution in your corner. iQ Credit Union is always ready to help its members protect their money, including dealing with fraud. If you want to learn more about ways to protect your money, be sure to download our Financial Survival Guide.