Protect Yourself From Pretexting and Internet Fraud
My wife recently got a call from her bank. She was really busy and not much of the conversation registered with her.
Except for the fact that the caller was from her bank and was verifying if the email for her online banking account was still valid.
She said yes, the call ended, and a few minutes later she was very worried. Had something happened to her account? She had the vague sense it was because someone tried to access her account (though you can’t really do that with just an email address)…
As she thought more about it she got really worried. So I asked her if all the money was still in the account. She said yes, so we left it at that because we were on the road and couldn’t do anything else.
Eventually we found out that it was a valid call, her bank had a record of it (or at least it was in their system), and absolutely nothing was wrong.
But the whole thing got me thinking. These days, thieves after your money are more likely to resort to pretexting (calling with a make believe story to get your info), phishing, pharming, email spoofing, and various other cons than to use the plain, old stick’em-up routine.
So if someone calls you, how do you protect yourself?
- Pay attention – Is it really your account, service or whatever it is they’re asking about? And what exactly do they want from you? Why?
- Never volunteer information – No legitimate organization asks for sensitive info over the phone. Account names, numbers, important dates are all volunteered by them and verified by you. The sole exception is when you call them and make a request. In that case it makes sense that the requestor should be the one to volunteer information, to validate his identity (ex: calling your credit card company).
- Call them back – if you’re still unsure if the call is legitimate, ask them to call you back later or tomorrow. In the meantime, look for their hotline (from your bill, card, statement of account, or official website) and verify that they really called.
If something went wrong…
- Change your password – if nothing has happened to your account yet, you can change your password just to be safe. However, it’s better if you…
- Lock your account – If you’ve lost money already: Call your bank’s hotline, explain your predicament, and have your account locked down.
They’ll investigate it and advise you on next steps. Any money lost should be returned to you. It could take time though, so work with your bank and be patient. If they prove to be uncooperative, call the Bangko Sentral ng Pilipinas and get their assistance.
What about for phishing, email spoofing and pharming? How do you protect yourself?
- Never click links – that’s good advice for any kind of email.
- Check the sender – The name that appears can be faked. Check the actual email address (ex: the name might say Admin@BigBank.com but the address when you hover on the name (or read the email) is actually firstname.lastname@example.org)
- Confirm the message/request – call your bank’s hotline or visit their official website. Check that they really did send it and are asking you to do something
- Type the URL yourself – don’t rely on search engines, links, or browser history. Or have it bookmarked (double-check before bookmarking!); just be sure to pay attention to the URL and confirm it’s the right site before typing your password.
The internet is a fantastic tool for everyone – unfortunately that includes scammers. It’s important to be vigilant and be aware of your options if the worst happens.
If you liked this post, please subscribe to my feed, like me on Facebook, circle me on Google+, or follow me Twitter @thePFApprentice. It’s free, you won’t miss new articles, and you’ll also get my free ebook: the Super Savings Guide.