How to Identify and Prevent Fraud via Phone, Email, and Online
There is no shortage of tricks that fraudsters will use to gain access to your personal and account information. This can lead to everything from identity theft to fraudulent withdrawals from your bank account or unauthorized charges on your credit card.
What is a security incident?
A security incident is when fraudsters attempt to gain access to your personal or account information. Common ways this happens is through phishing (fradulent emails that ask you to divulge information), vishing (attempts by scammers to get you to share your information by phone), and smishing (fake texts that try to lure you into sharing information in a response).
The information scammers glean from a phishing, vishing, or smishing attack can be used to fraudulently access your financial accounts. Scammers can also compromise your accounts by hacking the files of a company that's storing your personal information or by other tricks, such as card skimming.
Is that call from your "bank" for real? If the caller lacks basic information about you and your accounts, hang up. It's almost surely a scam.
Learn to spot the red flags - and keep your information private
While some forms of fraud cannot be prevented by individuals themselves (think of the massive Equifax breach of 2017), there are steps you can take to protect yourself from fraudsters, including freezing your credit reports with the big three credit bureaus (Equifax, Experian, and TransUnion). These freezes will prevent fraudsters who gain access to your social security number from opening up credit in your name.
Here are some red flags that can alert you to a security incident in the works — along with steps you can take to protect yourself.
Red flags by phone:
- You're contacted by someone who says they are from a financial institution you do business with, but they don't have basic information about you that you would expect them to have. Examples include your social security number, your account number, or your mailing address.
- You receive a phone call from someone claiming they are from a financial institution you do business with, but something doesn't sound right. For example, they might mispronounce the name of the financial institution itself, or the name of a city where the financial institution does business.
- The person who contacts you is not referencing a very specific question about your account and instead is asking you for basic account information. No financial institution would call you to ask you to verify basic account information (such as your account number, address, or social security number), since they would already have that on file.
If you have any concerns that a call, email or text is legitimate, do not engage. Instead contact the number on your company's website or on the back of your credit card.
Red flags online:
The biggest red flag is that you go to a financial institution's log-in page and something looks off. Maybe the logo or the URL or the layout of the page looks a little different. It could be that the scammers have hacked the website and are redirecting you to a similar-looking website with a similar URL.
If you have any doubts that you are truly on the right website, do not enter any sensitive personal information, such as your account number or password. Instead, call the customer service number on your credit card, debit card, or printed bank statement. (If you suspect your bank's website has been hacked, don't call the number on the website.)
Red flags by email:
Scammers can make emails look like they are coming from a financial institution you do business with. They can easily use the company's name as the display name in their email. And they can come up with an email address that looks plausible enough that you'll be lulled into believing it's really from the company they are saying they are. Some examples are:
- You receive an email saying it's from a financial company asking you to reply with your address, social security number, account number, password, or any other personal information. This is almost certainly a scam. Any reputable financial company that you do business with will already have this information.
- There's a link in the email that you're asked to click on, which then takes you to a page where you will be asked to enter your user id and password. This is most likely a fake website, designed to make you think you're on your bank's website when really you're on a website created by hackers. When you enter your information, you're essentially handing it to scammers.
If you have any doubts about whether or not an email from a financial institution is real or not, visit the company's website and call the customer service number you find there. Never call a number found in an email. If the email was sent by scammers, you can be sure the phone number in the email is also fake.
Clues that a security breach has occurred
If you have accidentally given your personal information to a scammer, your first tip-off that your account has been compromised will likely be one of the following:
- You may receive an email, text or call from Synovus alerting you to unusual activity on your account.
- You may receive an email or text from your bank alerting you that some information on your account (such as your mailing address or password) has been changed.
- You may see charges or withdrawals on your account that you don't recognize.
How to report a suspected security incident
If you believe your account was compromised — or if you've received a suspicious call, email, or text — call your financial institution to report the problem. It's important to call even if your account information wasn't compromised. By alerting the bank about a potential problem, you're helping to protect their other customers.
If you're a Synovus customer, sign up for banking alerts to get instant notification any time there's activity on your account. It's the fastest way to find out if your account information has been compromised. We also recommend that you take a few minutes to learn more about the safety and security protocols in place at Synovus. If you think your account was compromised — or if you've received a suspicious call, email, or text about your Synovus account — please call us at 1-888-Synovus (1-888-796-6887).
Important Disclosure Information
This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.
Do you have questions or ideas?
Share your thoughts about this article or suggest a topic for a new one