We’ve all received those annoying texts, emails, and phone calls letting us know that our warranties have expired, that our credit card has been frozen, or that “unless we send $99 right now,” our software will no longer work — whatever that means! Worse yet, some spam calls and emails are trying to pose as the IRS, saying that you are being audited or will even be arrested if you don’t pay overdue tax amounts, which can be a scary message to receive.
Of course, these are just a few common examples of security fraud and phishing that goes on in the U.S. and across the world every day. In fact, 30 billion “robocalls” were made in 2017 and over 482.5 million phishing attempts were detected. That’s a lot of fraud.
So what can you do to stay safe from security and finance fraud attempts like these… and what should you look out for as these scams become more and more sophisticated?
How to Identify a Fraud Attempt
The first step to preventing any sort of successful scam, especially a request for money, is to validate the source. No matter who calls you, emails you, or texts you, you can check the source to see if it’s a company you work with. For example, let’s say you get a call from your “car warranty company.” If you have a car warranty, check your paperwork to find the company’s corporate number, call them, and follow the prompts to talk to someone about your specific account. If you don’t have a warranty on your car, you have nothing to worry about.
Another common scam our clients get is a call that is supposedly from their bank, asking if they can just “confirm a few things about their account.” This is, most often, a phishing attempt, which just means that fake companies are posing as reputable companies to get you to reveal personal information. The first thing you do is insist on calling your bank back at the number you have on file (or searched online for) — not the number the person gives you. If you call your bank back and nobody knows why you’ve received a call, that was a scam.
Other times, you’ll see emails come in that look like they’re from a family member coworker, with nothing but a link or a request for money. Before you ever click a link in an email from someone, double check the email. Sometimes you’ll need to expand the window and double click their name to see the address. Verify that it’s actually their address and then call or text that person to see if this is a legitimate request.
Most of the time, these scam attempts are identifiable by:
How generic they are: “The bank is requesting you update your contact information.”
The information they ask for: Valid institutions don’t call you to ask for sensitive information over the phone, text, or email.
The way they contact you: The IRS communicates only via mail, so phone calls are not normal. Google also isn’t going to call you to tell you your Gmail account is going to be closed.
How aggressive they are: If a phone representative or email contact is getting pushy or telling you “you must do this now,” odds are it is a scam.
Sometimes, though, these fraud attempts work and you don’t know it was fraud… until your credit card has been breached and/or your sensitive information has been stolen. So, what do you do then?
How to Mitigate a Successful Fraud Attack
Depending on the type of security fraud you’re dealing with, there are different first steps you can take.
Financial information theft
The first thing you should do, if you realize you’ve accidentally given away banking or financial information, is to freeze your online bank accounts and credit cards. Sometimes, if you just gave away your password, you can immediately change your password and avoid trouble. However, you should always notify your bank that you may have been scammed and that fraudulent charges may be coming. From there, the bank will protect the accounts from any incoming charges. You’ll also want to make sure that all of your auto-payment services are notified. You may need to pay via check or ACH from a non-affected account until the issue is resolved.
Personal information theft
If you gave away personal identifying information, like your Social Security number, date of birth, etc., then you may want to contact all three credit bureaus and place a free 90-day fraud alert on your credit reports. You can also set up a credit freeze, which prevents your name to be associated with any request for credit. That way, you can prevent a small information slip from turning into full-blown credit or identity theft. Here’s that information for quick reference:
Experian Security Freeze Website
Equifax Security Freeze Website
888-298-0045 (customer care agents)
TransUnion Credit Freeze Website
Make sure to include the following information with your request:
Your complete name
Social Security number
Date of birth
Payment (sometimes you will need to pay a few dollars to complete the freeze — but only submit payment to these three bureaus)
In some cases, if your Social Security number was exposed, you will need to contact the Social Security Administration. You can get ahold of a representative at 1-800-772-1213 and let them know to flag any unusual activity associated with your number. Many of our clients also execute a yearly credit report just to make sure nothing untoward happens to their credit without their knowledge; even if you’ve never been scammed, this is a great practice to put into place.
If you’ve engaged with an email scam that you later recognize as a virus or an attempt to request your personal or banking info, make sure to let your email contacts know as soon as possible to ignore any odd correspondence from you. These scams can often find ways to access your contact list and even infiltrate your computer, so it’s important to avoid the “spread” of these emails. Of course, if you share any financial or personal information, also follow the steps above.
Acknowledge the “Security Anxiety” You Feel
There’s one more thing we want people to know: it’s totally normal to feel anxious about these fraud attempts — even when you’re pretty sure they’re fake. We’re all law-abiding citizens, so when we are told we need to update our expired warranty, pay a bill, or call the IRS, we sit up and listen. It’s OK if you feel anxiety, but do your homework to make sure the emails, calls, or texts you get are valid. No legitimate company is going to blame you for doing your due diligence, so don’t be afraid to wait to respond until you validate that the request is real.
As for Guiding Wealth, we also want to let you know that you’ll never receive an email or call from anyone other than our Guiding Wealth team (usually from Hannah or Matt). You may also receive some account updates from TD Ameritrade, but you’ll never be asked for confidential information unprompted. If you ever wonder if an email or call is legitimate, don’t hesitate to call our office to double-check — just dial 214-810-3835. And if you ever get an email asking you to share confidential financial information, flag it immediately and call us!
These fraud attempts are getting more and more savvy, so make sure you always check before you share information.