It's not just the holiday season for shoppers -- cyber-criminals look forward to this period of increased retail activity as a way to steal our money and personal information. This new wave of fraud is no longer simply targeting your somewhat antiquated desktop computer or even your laptop, but the scamsters are now finding ways to rip you off via all your wireless devices. In response to this wave of fraud, the Federal Bureau of Investigation (FBI) has warned the public to use caution when making online and cellphone purchases.
During this holiday season, you may receive a text message or an automated phone call on your cellphone saying there's a problem with your bank account. You're given a phone number to call or a website to log into and asked to provide personal identifiable information -- like a bank account number, PIN, or credit card number -- to fix the problem.
Beware: It could be a "smishing" or "vishing" scam... and criminals on the other end of the phone or website could be attempting to collect your personal information in order to help themselves to your money. While most cyber scams target your computer, smishing and vishing scams target your mobile phone, and they're becoming a growing threat as a growing number of Americans own mobile phones. (Vishing scams also target land-line phones.)
"Smishing": a combination of SMS texting and phishing
"Vishing": voice and phishing
Smishing and Vishing are two of the scams the FBI's Internet Crime Complaint Center (IC3) is warning consumers about as we head into the holiday shopping season. These scams are also a reminder that cyber crimes aren't just for computers anymore.
Here's how smishing and vishing scams work:
- Criminals set up an automated dialing system to text or call people in a particular region or area code (or sometimes they use stolen customer phone numbers from banks or credit unions).
The victims receive messages like: "There's a problem with your account," or "Your ATM card needs to be reactivated," and are directed to a phone number or website asking for personal information.
Armed with that information, criminals can steal from victims' bank accounts, charge purchases on their charge cards, create a phony ATM card, etc.
Sometimes, if a victim logs onto one of the phony websites with a smartphone, they could also end up downloading malicious software that could give criminals access to anything on the phone. With the growth of mobile banking and the ability to conduct financial transactions online, smishing and vishing attacks may become even more attractive and lucrative for cyber criminals.Here are a couple of recent smishing case examples:
- Account holders at one particular credit union, after receiving a text about an account problem, called the phone number in the text, gave out their personal information, and had money withdrawn from their bank accounts within 10 minutes of their calls.
- Customers at a bank received a text saying they needed to reactivate their ATM card. Some called the phone number in the text and were prompted to provide their ATM card number, PIN, and expiration date. Thousands of fraudulent withdrawals followed.
Gone Phishing: Illegitimate Delivery Services
The major legitimate delivery service providers do not e-mail customers directly regarding scheduled deliveries; you have to already have an existing account for this type of communication. Nor will they state when a package has been intercepted or is being temporarily held. E-mails about these issues are phishing scams that can lead to personal information breaches and financial losses.
Be Safe: Never immediately reply to emails from purported providers such as FedEx, UPS, etc. The better practice is to find the authentic website or 800-number for such companies and to confirm any delivery queries. Most reputable delivery firms have an online "Track My Order" link you can use to trace a delivery.
Think about this: Why would a delivery company need to know confidential information or financial data in order to deliver a package to you?
Have I Got A Deal For You
The FBI warns that Internet criminals post classified advertisements on auction websites for products they do not have. If you buy merchandise promoted via an online ad or auction site but receive it directly from the retailer, it could be stolen property. You can protect yourself by not providing the seller with your financial information.
Use legitimate payment services for transactions. Fraudsters will also offer reduced or free shipping to auction site customers. They provide fake shipping labels, but they don't pay for the packages' delivery. Parcels shipped with these phony labels are intercepted and identified as fraudulent.
The Gift That Doesn't Keep On Giving
It's safest to purchase gift cards directly from merchants rather than through auction sites or classified ads. If the merchant discovers the card you received from another source was initially fraudulently obtained, the card will be deactivated.
FBI's Internet Crime Complaint Center (IC3) Consumer Protection Tips
- Treat your mobile phone like you would your computer...don't download anything unless you trust the source.
When buying online, use a legitimate payment service and always use a credit card because charges can be disputed if you don't receive what you ordered or find unauthorized charges on your card. Check each seller's rating and feedback along with the dates the feedback was posted. Be wary of a seller with a 100 percent positive feedback score, with a low number of feedback postings, or with all feedback posted around the same date.
Don't respond to unsolicited e-mails (or texts or phone calls, for that matter) requesting personal information, and never click on links or attachments contained within unsolicited e-mails. If you want to go to a merchant's website, type their URL directly into your browser's address bar Be cautious of e-mail claiming to contain pictures in attached files; the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
Avoid filling out forms contained in e-mail messages that ask for personal information.
Always compare the link in the e-mail with the link to which you are directed to determine if they match and will lead you to a legitimate site.
Log directly onto a store's website identified in the e-mail instead of linking to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence will provide the proper contact information.
Contact the actual business that supposedly sent the e-mail to verify if the e-mail is genuine.
If you are asked to act quickly, it may be a scam. Fraudsters often create a false sense of urgency.
Verify any requests for personal information by calling the business or financial institution using the phone numbers listed on a billing statement or credit card.When in doubt:
If you have received a suspicious e-mail, file a complaint with the Internet Crime Complaint Center.
For more information on e-scams, visit the FBI's E-Scams and Warnings webpage: www.fbi.gov/scams-safety/e-scams
Our 2024 Coverage Needs You
It's Another Trump-Biden Showdown — And We Need Your Help
The Future Of Democracy Is At Stake
Our 2024 Coverage Needs You
Your Loyalty Means The World To Us
As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.
Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.
Contribute as little as $2 to keep our news free for all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
The 2024 election is heating up, and women's rights, health care, voting rights, and the very future of democracy are all at stake. Donald Trump will face Joe Biden in the most consequential vote of our time. And HuffPost will be there, covering every twist and turn. America's future hangs in the balance. Would you consider contributing to support our journalism and keep it free for all during this critical season?
HuffPost believes news should be accessible to everyone, regardless of their ability to pay for it. We rely on readers like you to help fund our work. Any contribution you can make — even as little as $2 — goes directly toward supporting the impactful journalism that we will continue to produce this year. Thank you for being part of our story.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
It's official: Donald Trump will face Joe Biden this fall in the presidential election. As we face the most consequential presidential election of our time, HuffPost is committed to bringing you up-to-date, accurate news about the 2024 race. While other outlets have retreated behind paywalls, you can trust our news will stay free.
But we can't do it without your help. Reader funding is one of the key ways we support our newsroom. Would you consider making a donation to help fund our news during this critical time? Your contributions are vital to supporting a free press.
Contribute as little as $2 to keep our journalism free and accessible to all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.
Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.
Contribute as little as $2 to keep our news free for all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. Would you consider becoming a regular HuffPost contributor?
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. If circumstances have changed since you last contributed, we hope you'll consider contributing to HuffPost once more.
Support HuffPostAlready contributed? Log in to hide these messages.