Cyber-scam Alert from the FBI
The FBI has issued an alert about a new and very sophisticated Cyber-scam targeting bank customers using digital payment apps.
The scam starts with a text message, which looks like it is from the target's bank, reporting possible fraud and asking them to reply YES or NO to verify a recent instant payment. If the target replies NO, then a message will tell them that they will receive a call from a fraud specialist.
The victim will then receive a call that appears to be from their bank's toll-free number, and the scammer will then walk the victim though a process to reverse the “fraudulent charge.” In actuality, the scammer has just fooled the victim in transferring money to the scammer.
What you can do to protect yourself from this type of scam:
1. Always be wary of unsolicited requests for account information.
2. If you receive a text or email reporting possible fraud, contact the financial institution directly.
3. A financial institution will never ask you to transfer funds between accounts to prevent fraud.
4. Be skeptical of callers that provide your personal information, including social security numbers, as proof of their legitimacy.
Please click this link for the full text of the FBI’s Fraud Alert.
Online Banking Scam
The Massachusetts Banker’s Association (MBA) has issued a Fraud Alert about new fraud schemes utilizing sophisticated “vishing” tactics to compromise consumer accounts.
"Vishing" is defined as the fraudulent practice of making phone calls or leaving voice messages claiming to be from reputable companies to convince individuals to reveal personal information, such as bank details and credit card numbers.
According to the MBA, bank customers are being targeted with spam phone calls with their bank’s name and/or main phone number, typically in the evening, after office hours. The fraudsters are then using social engineering tactics to ease the customer’s concerns by stating that they are calling “to help mitigate potential fraud” and request that the customer provide online banking credentials including the username, password, and multi-factor authentication codes received by text. Unfortunately, fraudsters can sound legitimate and sincere.
Once the fraudster gains entry to a customer’s online banking, they can siphon out cash by initiating peer-to-peer (P2P) payments (most typically using Zelle), intra-bank transfers, EFTs, and even wire transfers. Fraudsters sometimes initiate debit card transactions first.
Fraudsters know that real-time fraud prevention systems will initiate automated phone calls to the bank customers to verify these flagged transactions. They preempt the automated calls by first calling the bank customers themselves and advising them to mark any additional automated calls as “no fraud”.
No one from Greenfield Savings Bank will ever ask you for your full account number, your debit card number, your log in credentials (username or password), or your social security number. NEVER give this information to a caller, even if they claim to be from our Bank. Spammers can make their caller ID phone number look like the Bank’s.
What should you do?
- If you have received any such calls or solicitations, hang up and contact Greenfield Savings Bank. If you receive a voice mail of this kind, do not return the call. Call the Greenfield Savings Bank directly at: (888) 324-3191
- We recommend that you set up ALERTs on your GSB account so you can be on the lookout for any unusual attempts on the authorized transactions to fraud your account.