Criminals are coming up with smarter ways to steal your money. One of them is spoofing. Scammers pose as bank employees and try to persuade you to transfer money to an account of a criminal organization. But luckily you can easily outsmart them with a little vigilance.
The more we go digital, the more criminals turn their attention to digital scams or fraud. This is also reflected in the last year. Due to the coronavirus, people at home were more dependent on their digital connections with the outside world than ever. Scammers saw this as a great opportunity. According to police figures, the number of digital crime reports in 2020 was almost seven times higher than in previous years. This means that it is now even more important as a consumer to be alert online.
This is how spoofing works
Scammers now have a large arsenal of cunning methods in their toolbox. One is spoofing or bank help desk fraud. Spoofing is English for impersonating. With a tech trick, a scammer can pretend to call on behalf of your bank and that the call is very urgent. Sending a spoofing text message with a fake sender also happens regularly. The idea is to make you believe that the person who is contacting you is actually a bank employee. Criminals abuse the trust you have in your bank. The caller claims to be from your bank and sometimes even uses the name of a real employee. Keep in mind that these scammers also sometimes call with a number that is not from the bank or an anonymous number.
The scammer is calling because there is supposedly something wrong with your bank account. Scammers would have gained access to your account and illegally debit money, according to the caller. It is always an emergency and you are pressured to act quickly. That fast acting means that all the money from your bank account has to be secured in another account. The terms security account, vault account and variants are often used.
The scammer may urgently ask you to transfer the money yourself to a specific account, often at another bank. Or he prefers to keep it in his own hands and therefore asks for your login details, PIN codes and other security codes. And sometimes you are even asked to give your bank card to a fake bank employee or fake postman at your door.
A third variant is that you are urgently requested by your bank or another institution to download a ‘necessary’ program from the internet and install it on your computer. With this, the fraudster can secretly take over your computer remotely and thus collect your bank details. Whichever method is used, the end of the story is that all your money from your bank and savings accounts will be lost. Obviously nobody wants that, so it’s good to arm yourself.
Before Spoofing Begins
It is important for a criminal to have sufficient information about you. Of course, a fraudster can randomly call people and hope that he can persuade them. But that is difficult if he calls a bank number where his potential victim does not have an account at all.
Since gaining trust is important for a scammer, he will want to know enough about you beforehand. He does that in different ways. For example, many people have more information on the internet than they think. Social media such as Facebook in particular contain a lot of data that is interesting for fraudsters. Names, addresses, phone numbers, email addresses. It is therefore wise to put as little of yourself on the internet as possible. Protect your account and profile on Facebook, Twitter and other social media from strangers as much as possible. Only show that information to people you trust. For the right settings, search for the term “privacy” in your social media help information.
Also pay close attention to strangers who contact you via email, WhatsApp or other social media. If they just want to find out more about you, never give out your personal information and cut off contact. If you are asked by a friend to transfer money via WhatsApp, always call this person to check whether the message is correct.
Fishing for your data
Another method by which criminals try to find out more about you is phishing. For example, in phishing, a scammer sends you an email from a “bank” or other party that appears deceptively real: complete with official logos and professional formatting. You are asked with an excuse to click on a link or button. For example, to re-enter your bank details. This will take you to an associated phishing website that closely resembles the real website of your bank or another party. If you enter your details there to log in, they will then be forwarded to the scammer.
For example, the scammer can try to transfer your money, but that has become more difficult with the extra security measures of banks. Therefore, phishing is increasingly used as a preparation for spoofing. For example, by stating the exact amount that is in your account, a scammer can better impersonate a real bank employee.
You can read how to recognize and combat phishing here: Protection against phishing messages – ING – Safe banking
How to avoid becoming a victim of spoofing
Even if you are careful not to put personal information on the internet and not fall for phishing, you can still receive an unexpected call from a spoofing fraudster. Banks, such as ING, have a number of clear tips to protect yourself:
• Employees of banks never call to ask for your personal information, such as your login details or a pin code. Also, they will never tell you to transfer your money to another account or download software onto your computer to fix a problem. The same applies to requests from a “bank” via SMS, e-mail or other message to perform this type of act.
• A bank can always (temporarily) block an account itself if necessary and then call the customer to check something. However, a bank employee will never ask for login details and PIN codes or ask the customer to transfer money.
• Sometimes scammers go so far as to want your bank card. You then have to hand it over, whether or not cut in half, to an “employee” who comes to visit you at the door. A real bank employee will never come to pick up your bank card. So never give it up.
• Hang up immediately in case of suspicious calls.
• If you are in doubt about a phone call or message from your bank, always contact the bank yourself. Do not do this via the telephone number you were called from. Go to your bank’s website and find the contact details under the heading Contact. Also contact us immediately if you have passed on your bank details to the scammer. This way your bank can immediately take measures, such as blocking your bank account.
Report spoofing, phishing and other scams
To help detect scammers and prevent spoofing and other fraud, it is wise to report (attempted) fraud to your bank quickly. Use the contact details on your bank’s website for this. You can also report fraud via SMS or another message to the bank by e-mail. This has the advantage that you can pass on the entire message including false link. You do this on an iPhone and most Android smartphones:
• Keep your finger on the message.
• Tap the option or the Copy or Copy icon (sometimes you need to tap More or three dots first).
• Go to the email you want to send to your bank.
• Keep your finger on the text part of the e-mail.
• Tap Paste or Paste.
If you stick to all these tips, banking will remain safe. Would you like to know more about what types of fraud and scams there are and how you can protect yourself against fraud and scams? Read more on the ING website.
