Two-factor verification can be a bit of a time-consuming pain, waiting for a text or email from your bank or credit card company to make sure it’s actually you communicating with them. But scammers, ever the nefarious opportunists, have concocted what they hope is a lucrative method of deception by exploiting the two-factor verification process.

Envision this scenario: Let’s assume that some fraudster has managed to obtain your bank or credit card username and password (even if it’s old data) with the intention of stealing from you (of course). These scammers will either call or email you, claiming to be from the particular institution they want to steal from. They might try to scare you into believing them by warning that someone may have compromised your account (oh, the irony). Let’s say it’s a phone call. The caller will “inform” you that they are emailing or texting you a “onetime passcode” for logging into your account, then afterward they’ll ask you to read it back to them for verification. Here’s the kicker: the fraudster’s login attempt has now triggered your bank or credit card company into automatically sending you the verification passcode. Unknowingly, you end up providing these scumbags with that information, allowing them to drain your account.

How to protect yourself

Sometimes it’s not so obvious that you are communicating with a scammer over the telephone. Many of these bank impersonators have gotten quite good at pretending to be helpful and friendly bank or credit card personnel. Spam emails are bit easier to suss out as scams (faulty grammar and bad formatting), although some emails might appear very convincing. It’s best to err on the side of caution and go directly to your institution’s website and log in — or call them directly from a number listed on the website or on your bank statement. The same goes for phone calls — just hang up and find your bank or credit card company’s actual phone number (again on their website or from a statement) and speak with a legitimate representative. Ask them if there really is a problem with your account, then let them know that you were contacted by a scammer.

According to the FTC, bank impersonation is the most-reported text message scam

A new analysis from the Federal Trade Commission shows that bogus bank fraud warnings were the most common form of text message scam reported to the agency, and that many of the most common text scams impersonate well-known businesses.

In a newly issued data spotlight, the FTC ranks the top five types of text message scam reported in 2022, with examples of each showing the ways that scammers craft messages designed to deceive consumers. Consumers reported losing $330 million to text message scams in 2022, more than doubling what was reported in 2021.

READ MORE HERE

From Aura.com, How to Spot Bank Impersonation Scams (Text, Email & Phone)

Fraudsters target your bank account by impersonating bank employees via emails, calls, and texts. Learn how to spot the warning signs before it’s too late.

READ MORE HERE