What are some of the most common types of fraud today?

Phishing
Scam artists send out millions of these phishing e-mails at one time by purchasing large email lists from various sources.  They easily create e-mails that look like they truly come from well-known, reputable companies (such as eBay, Yahoo, or PayPal) or a government agency (such as the FTC, the FBI, the IRS, or the Social Security Administration).  The e-mails often have typographical or grammatical errors in them, but most people do not notice them because the logos and graphics in the e-mail look so real.

The links provided in the e-mails look legitimate, but they are masked and really direct you to a fake web site that also looks real.  Some of these scammers have even figured out how to mask the "hover" address that sometimes appears when you move your mouse over the link.

Unfortunately, it is quite simple to create fake sites and fake e-mails that look like the real thing (also known as "spoofing").  The email usually asks you to click on the link provided to "update," "confirm," or "verify" your account information.  There is often a sense of urgency to the email message so that you will feel like you must respond quickly (such as "your account will be closed unless you respond immediately" or "it looks as if you may be a victim of fraud. Please contact us immediately to confirm your credit card number").  Although the link text in the message may show the expected web site address (ebay.com, amazon.com, etc.), you are re-directed "behind the scenes" to a fake site once you click on the link.  The linked site instructs you to provide or verify your personal and account information, often including your Social Security Number, account number, PIN, password, or authentication code.  This is one of the most common - and successful - scam methods used today.


Social Engineering/Pretexting/Vishing
Social engineering is a process in which a person lies about his intentions in order to trick you into giving him your personal information (variations of this type of telephone scam are called pretexting and vishing).

For example, a scam artist may call your home and pretend to be someone from your financial institution, an insurance company, or from a company conducting a survey.  He will ask you a few questions and try to get you to reveal answers to personal questions, including account numbers, your mother's maiden name, your Social Security Number, your pet's name, your child's name, etc.  Some of these questions may seem innocent to you, but the answers are often what people use as their passwords.  Some of these questions may even be in reference to a matter of public record (like your address or the fact that you own your home), designed to make you feel more comfortable with the person to whom you are speaking. 

A "pretexter" may say something like, "According to our records, your address as 1234 Holmes Drive.  Could you please confirm your Social Security Number?"  Once he has the information he needs, he can then call your financial institution and pretend to be you.  That may be all it takes for him to obtain the rest of the personal information he needs to steal your identity.

In a typical Vishing attack, you may receive an email or a text message asking you to call a phone number to keep from having your debit card blocked.  The automated voice message you hear when you call the number may be something like:

Thank you for calling Tyndall Federal Credit Union. Your call is important to us. To help you reach the correct member service representative, please press the appropriate number.
 
• Press 1 to check your account balance
• Press 2 to transfer funds
• Press 3 for any other service

Regardless of which number you enter, the automated system will ask you to authenticate yourself by entering your member number, followed by the # key.  After you enter your member number, you may be asked to enter your Social Security Number, your PIN, etc. 


Nigerian Email Scam/Mail Fraud
This particular scam has been going on for decades and has a multitude of variations.  The contact may be made by mail, email or fax, but the bottom line is always the same.  Send a "small" amount of money to an unknown entity in return for millions in unclaimed estate money, lottery winnings, offshore accounts, etc.  Click here for an example of one of these emails that was sent to our alerttfcu@tyndall.org email address.