Guidelines from your Michigan Bank
Terms like phishing, smishing, vishing, spear-phishing, and spoofing refer to the same tactic: contacting you under pretenses that convince you to take action that benefits the cybercriminal. When you’re a victim of this type of fraud, you might share personal information like passwords, social security numbers, or bank account details. You could decide to send money to someone masquerading as a legitimate company or an individual.
If you've experienced a phishing scheme, you're not alone. Technology news magazine TechRadar.pro estimates scammers send 1 billion phishing emails annually, and the FBI reports losses of $57 million in a single year to phishing scams. Unfortunately, phishing activity is on the rise, up 400% through Q3 in 2019, and continuing to increase during the COVID-19 pandemic.
Here’s what banks in Michigan want you to know so you can avoid the financial loss associated with phishing and spoofing fraud.
How Phishing and Spoofing Schemes Work
Phishing usually occurs via an email to your personal or business email address. Often the scam includes spoofing, which uses a forged email address. You’ll think the sender is a trusted company like your bank, Apple, PayPal, or Google. In many schemes, the email will ask you to click a link to a web page and enter your credentials. The page is fake and allows the scammer to capture your information.
- With the growth of social media platforms and the use of mobile devices, phishing scams can now target you through an app or browser. Some attacks happen through instant messaging (IM) apps and target your contact lists.
- Like an IM scam, smishing schemes target you over your mobile device through text messages. You’ll see a link from someone pretending to be FedEx or Amazon asking for your account information.
- With a vishing attack, the ‘v’ stands for ‘voice.’ You’ll receive a phone message delivered via telephone or voice email asking you to share personal details.
- Spear-phishing is a targeted scheme. The scammer poses as a trusted person – your manager or someone on your team – and often asks you to make a payment or transfer funds. With sophisticated scams, you’ll see a legitimate email chain that includes several people in your organization.
Protecting Yourself from Phishing Fraud
Although we’re facing increased sophistication of cybercriminals’ tactics, you have a few ways to protect yourself from phishing schemes:
- Before clicking a link or responding to an information request, review the sender’s domain (the part of the address after the @ symbol). If you see a string of characters instead of a company name, your sender may be a fraud. If you’re still unsure about the legitimacy of the email, contact the actual company directly via email or phone.
- Review the content of the email. Grammatical errors or misspelled words are common ‘tells’ that the sender isn’t legitimate.
Technology from banks in Detroit, Grand Rapids, and Ann Arbor, computer manufacturers, and mobile phone providers can protect personal information.
- Use firewalls, anti-virus software, and anti-spyware on all your devices and install updates regularly.
- Make sure you're using a secure internet network for any online financial activity, including via mobile phones or laptops.
- Use banking alerts to notify you if your account activity doesn't align with your spending patterns or limits.
- Choose multifactor authentication for your accounts. You’ll have an extra level of security that verifies your identity for logins and financial transactions.
Michigan banks, including Level One Bank, won't make unsolicited calls or send emails or texts asking you to provide, update, or verify any personal information. We’re committed to providing a safe, secure banking experience for our customers.
If you do receive a suspicious email or call, please contact the Level One Bank team or visit one of our local branches. Our Security Center has additional resources for learning about types of fraud and ways to protect yourself.