Watch Out For These Latest Information-Stealing Scams

When it comes to information-stealing scams, there’s good news and bad news. The good news is that we are getting scammed less. According to Motley Fool, there were 1.036 million reports of identity theft in 2023, down from 1.107 million in 2022 and 1.4 million in 2021.¹ The bad news is that scammers are becoming more sophisticated, so we have to stay diligent about protecting our personal information.

In this article, let’s look at some of the most common information-stealing scams so that you can be aware of them and protect yourself.

Text Message Scams

Text message scams, also known as SMS phishing or “smishing,” have surged in popularity among scammers due to the widespread use of smartphones. These messages often appear to be from legitimate sources, such as banks or financial institutions and aim to trick recipients into revealing personal information or clicking on malicious links.

Example: Fake Account Alerts
One prevalent text message scam involves fake account alerts. Scammers send texts claiming suspicious activity on your bank account and urge you to click on a link to verify your information. The link, however, leads to a fraudulent website designed to steal login credentials.

Apart from pretending to be your bank, scammers can also pretend to be other financial apps, such as Venmo or PayPal.

To avoid falling victim to these scams, remember the following:

Verify the Sender: Legitimate financial institutions typically use recognizable phone numbers or official shortcodes for their messages. If the sender’s number seems unfamiliar or suspicious, it’s likely a scam.
Think Before Clicking: Avoid clicking on links in unsolicited messages, especially if they claim urgent action is required. Instead, independently verify the information by visiting the involved institution’s official website or calling its customer service department.

Robocalls

Robocalls, which are automated phone calls that deliver prerecorded messages, have been a long-standing nuisance. However, scammers have increasingly used them to target individuals’ banking and investment accounts.

Example: Investment Scams
In one example of a prevalent scheme, scammers use robocalls to offer fake investment opportunities with promises of high returns.² These calls often claim to be from reputable financial firms or offer exclusive deals, luring unsuspecting individuals into providing their personal and financial information.

Follow these tips to protect yourself from investment-related robocall scams:

Be Skeptical: Approach unsolicited investment opportunities with caution. Remember, if an investment sounds too good to be true, it probably is.
Verify Credentials: Do thorough research on a company before sharing any information or making investments. Legitimate investment firms will have a verifiable track record and proper licensing.

Cloning a phone

A common fraud concern that is gaining attention is the practice of stealing information through phone cloning. Phone cloning is when your phone is cloned onto another phone with the intent to impersonate their victims.³ Such intrusion into your device may cause privacy violations and compromised passwords as well as intercepted 2 factor authentication codes.

Example: Cloning

Cybercriminals can mirror your cell phone without your consent through malware and spyware from malicious links and SIM card swaps.

Ways to Protect Your Phone From Being Cloned

To protect yourself from becoming a victim of phone cloning watch out for any unusual activity such as messaging regarding SIM cards or unexpected restart requests, charges or calls. The inability to receive texts or phone calls or if your phone just shuts down completely it may indicate a security breach.

Here are some steps you can take to protect your device from being cloned:

Protect your SIM card: Always keep your SIM card safe and secure.
Freeze your phone number by installing a PIN or password to lock your phone and prevent unauthorized access.

If your phone suddenly isn’t working as usual you may want to have your phone checked.

Phishing Emails

Phishing emails remain a favorite tool for scammers seeking to steal sensitive information. These emails are designed to appear legitimate, often mimicking official correspondence from banks or investment firms.

Example: Account Verification Requests

A typical phishing email tactic involves requests for account verification. The email typically states that your account needs immediate attention due to suspicious activity or an expiring security certificate. It then prompts you to click on a link or download an attachment, which leads to a fake login page designed to capture your credentials.

What to do to avoid falling for phishing emails:

Inspect URLs: Hover your mouse over email links to see the URL. If it looks suspicious or doesn’t match the sender’s website, don’t click on it. Instead, report the email to your email provider.
Check for Red Flags: Watch out for spelling errors, generic greetings (e.g., “Dear Customer”), and urgent language designed to evoke a quick response.
Use Two-Factor Authentication: Enable two-factor authentication (2FA) on your accounts whenever possible. Even if scammers obtain your login credentials, 2FA provides an additional layer of security.

Protect Your Personal Information

As scammers continue to evolve and use more sophisticated tactics, staying informed and vigilant is crucial to safeguarding your financial information. Here are some additional tips to help protect yourself and secure your personal information:

Regularly Monitor Your Accounts

Routinely check your bank and investment account statements for any unauthorized transactions. Report any suspicious activity to your financial institution immediately.

Keep Software Updated

Ensure that your devices, including smartphones and computers, have the latest security updates and antivirus software.

Passwords

It’s important that you have a strong and unique password for every account.⁴ Here are few tips you can follow to help keep your accounts secure. These include:

Don’t use personal information such as a name or birthday
Create long passwords that include symbols, numbers, and both capital and lowercase letters
Change passwords regularly
Don’t type them on public devices

Educate Yourself and Others

Share information about these scams with friends and family, especially those who may be more vulnerable to such schemes.

By staying informed and adopting best practices, you can minimize the risk of falling victim to these information-stealing scams. Stay safe, stay vigilant, and safeguard your finances in the digital age.