Recently a new digital scam has begun spreading rapidly across the country. Scammers are using popular peer-to-peer (P2P) payment systems such as Zelle to steal thousands of dollars from consumers. Recently, we became aware of local banks being targeted by this fraud. Fortunately, we are not aware of any Bank of Easton customers being victimized by this scam.
How they get your information
The victim receives a text that appears to be from their bank asking if they attempted a P2P payment using a mobile app such as Zelle. After replying to the text, the victim receives a phone call that appears to come from their bank. The fraudsters then use social engineering tactics to allay the victim’s concerns by stating that they are calling to help mitigate potential fraud and requesting the customer provide online banking credentials including the username, password and multi-factor authentication codes received by text.
How they withdraw your money
Once the fraudster gains entry to the victim’s online banking, they can initiate P2P payments (most typically using Zelle), intra-bank transfers, and even – in some cases – debit card transactions. The fraudsters know that fraud prevention systems will initiate automated phone calls to the consumers to verify these flagged transactions. They preempt the automated calls by advising a victim to respond favorably to the subsequent automated phone calls by marking them as “no fraud.”
What to do if you suspect an attempted fraud
Should you receive a call from the Bank of Easton that you were not expecting, or suspect is suspicious, we strongly recommend you hang up and call the Bank directly at 508-238-1000. We will never ask you to provide your username and password.
Illustration Credit: Daniel Zender