As I get into the car to visit with my parents for the holidays I receive a text message. It claims that there is a problem with my Bank of America card and would I please call this number, and the it goes on to provide a website should I have any additional questions. While it is true that I have a Bank of America card there is just something a little “fishy” about this email message. Then I remember some of the advice we give here on Identity Theft Secrets.
- If it doesn’t sound right to you it probably isn’t. That’s true, in this case once I didn’t jump straight into panic mode with “Oh I better call right away or use the website that they linked to,” I realized that the Bank of America wouldn’t text me to tell me that there is something wrong with my credit card. I never agreed to such a service or included my cell phone number.
- Looking closer at the telephone number I realize that it has a 979 zip code. All my statements and even the contact information on the website includes a toll free number or branch locations telephone numbers for contact.
- I contacted my husband just to make sure he hadn’t signed up for any such service, and he had not.
- Waiting until we get to my parent’s house I then call Bank of America directly using the toll free number posted on their website. We find out that there is nothing on my account to indicate any activity that shouldn’t be there.
- Look for misspellings, repeated phrases, shortened URLs (web addresses)
The moral to the story. Don’t panic!
Stop, look and listen before you respond to these types of request for information.
Take some time to research the situation using a direct dial number or email address from the official business website, not from the one provided to you.
Check with your cell phone service provider to determine if they have a “spam squad.” Some providers do and you can forward the message to them using a designated set of numbers.
In PC World, Cloudmark researchers report that they are “tracking over 20 unique, financial related SMS attacks in the United States with thousands of variants on each attack.” Many come in the form of warnings such as “Your Visa card has been deactivated,” with a phone number to call for account repair. This research indicates a 300% increase in financial fraud in SMS (text messaging traffic) this year alone.
Hugh McCartney, Cloudmark’s CEO, says,
“There is a substantial difference in the profile of attacks on mobile versus email. With the global email we analyze, most of the attacks are spam, but financial fraud remains a very small percentage of email – not more than 10 percent overall. Conversely, our mobile data research reveals that more than half of SMS spam is composed of targeted attacks focused on extracting financial account information or enticing the subscriber to call premium rate numbers, usually with immediate financial impact to the mobile user.”
The information you provide when you respond is then used to duplicate your credit card for use in credit card fraud. Responding to these requests can cause the exact problem that you are in fear of: your credit card being stolen, used fraudulently or cancelled.
Two weeks later my husband receives a similar message. We know what to do right away this time.