It’s happened to all of us. We receive a text or email from a financial institution that we do business with asking us to click on a link. It all appears so realistic — a logo you recognize, a request to take immediate action.
And that’s how easily you can be scammed in what’s known as a “phishing” expedition. That’s the generic term for text or email contacts that tempt you to respond immediately out of a sense of danger and urgency. It’s our normal instinct to follow those instructions. And that’s a big mistake.
These days our greatest exposure to online fraud comes not from malware programs on our computers but from ourselves!
It all starts so innocently. You click on a link that leads you to a familiar looking website. But It’s just a clever fake! According to research firm Tessian, Google has registered 2,145,013 phishing sites as of Jan 17, 2021, up 27% from the previous year. Those are just the sites they’ve uncovered!
Siobhan Johnson is an FBI special agent and spokesperson. She says it’s not your imagination that you’re being attacked more frequently by cybercriminals.
“Everyone is at home and online, so there are more potential victims,” she said. “Plus, the criminals are operating at a higher level and they are getting better at what they do. … The ones that succeed force consumers to move fast. And that’s how they hook you in, telling you that you must move right now. People don’t stop and think. And then it’s too late to unclick that link.”
The FBI reports that the “cutting edge” of phishing scams is now done by text. Johnson notes that since you are receiving texts from legitimate businesses, the phishing messages might look more legitimate. Also, on your phone you are more likely to be multi-tasking and click the link out of habit.
She advises simply deleting the text because if you click through out of curiosity, you may be immediately exposed. If you’re concerned that it might be a real text from your bank, call them directly to investigate. It’s probably a common scam they will recognize.
One big problem: People seem embarrassed at getting caught — and embarrassed to report their losses. But Johnson says it’s important to act quickly to protect yourself, and others.
Her advice: Contact the FBI immediately at-800-CALLFBI. Don’t delete anything. Johnson points out that the FBI has a fraud recovery team that’s had great success in recovering money stolen through these scams.
Perhaps the scariest and most brazen phishing attempts come from con artists pretending to be the IRS. Karen Connelly, spokesperson for the IRS says: “Any time you get an email from any government agency — the IRS included — you should be on alert The IRS uses the U.S. mail to make contact. If you get a text or email or contact on social media, it’s a scam from a con artist trying to steal your information.” There have been multiple scams around stimulus benefits and delayed tax refunds, asking for money advances to facilitate receiving the benefits you’re expecting. It’s all fraud!
She suggests forwarding any emails to the IRS at phishing@IRS.gov, as well as checking your credit report and freezing your credit. You can also report these scams at the website of the Federal Trade Commission, www.FTC.gov.
The problem of IRS tax fraud itself — not based on phishing but on stolen Social Security numbers — is another dimension. The IRS has been sending letters requiring taxpayers to verify their identity — especially if their information was used on a fraudulently filed return claiming a refund.
And here’s a sad ending thought from Johnson at the FBI: “The No. 1 targeted demographic are the elderly, because they are perceived as rich and not so tech-savvy.” She advises them to call an adult child or even the FBI before transferring any money.
If you’d like to hear more about these issues, check our podcast at www.FriendstalkMoney.org. And, remember, cybercrime is like a virus — and none of us is completely immune!