I haven’t talked about these scams before because I guess I was under the impression that most people had stopped falling for them. Apparently I was mistaken. Before I get into the story of what happened, let me take a minute to explain what these are.

Phishing

This is the most common scam out there and many of you have probably experienced this to some degree. The scammer will send out emails in one of several forms. The most successful form is the duplication of a bank’s email, complete with the logo. They usually go with one bank and they spend a lot of time on the page making it look official. Those people who actually bank there are often the most susceptible because it looks official and causes them to panic.

Usually the email says something about your account being frozen due to unauthorized activity. In order to unfreeze your account you have to go to some link within the email and give personal information. Well, that’s where they get you. They now have everything they need in order to rip you off. Let me be clear on something. Your bank will NEVER, EVER ask you for personal information through an email communication.

The only time I’ve ever seen a banker ask for personal information through email is when they’re working directly with someone and a dialogue has already been established. Beyond that, it’s a privacy issue and we’re not going to do it. If your bank does, I’d be very concerned and request that they not.

Another form of this scam is the Paypal emails – I get these a lot. It works the same as the bank one. Your account has supposedly be frozen for unauthorized activity and there is a link to follow for personal information. Plenty of people fall for this one because it does look pretty good as far as that goes. And, the trouble is, most people have their Paypal account linked to their checking accounts. If the scammers get the password to your Paypal account, they could wipe you out before you even know what’s going. But, if you have a Paypal account and aren’t sure, I recommend going to Paypal directly and asking. They may request you to change your password just to be safe, but truly that is probably a good idea anyway.

Another one are those fake lottery scams and job offers. Let me just say this plainly. If someone sends you a check and says you’ve won the lottery for which you’ve never entered, or offers you a job cashing checks for which you’ve never applied, that should be a very BIG RED FLAG!!! Here’s how it works. Normally, the lottery is a foreign country lottery – I win the British lottery every other week. They tell you that you’ve won ‘X’ amount of dollars and include a check for that amount. However, due to foreign exchange and processing fees, they need you to wire or Western Union a portion of that check back. Same with check cashing job offers. They send you a check, want you to cash it, and give you a certain percentage back for cashing the checks as your “commission.”

I seriously don’t understand how people think these are legitimate. The best I can come up with is that they are desperate enough to want to believe this would work out for them. In any event, the checks are fraudulent. Once you wire them the money, they’ve got what they want; and when the check bounces, you’re the one left holding the bag when it overdraws your account and you’re charged fees.

The last one that scammers try rather often is the plea from lawyers that say they need help cashing their U.S. relatives estate checks because their governments don’t allow them – or something along those lines. This one isn’t very popular for scammers because it just looks fake across the board. I only mention it because it’s out there and you should be aware of it.

Vishing

This is where the scammers use the VoIP, or voice communication over the internet to try and get personal information from you. To be honest, I don’t use VoIP, so I’m not really familiar with the scams that come across these. Those of you who do may have something to add, but you have to be careful because some of these scammers are really good. They make you comfortable and before you know it, you’re telling them anything they want to know.

Smishing

Smishing is phishing through SMS messages. Normally these scam messages lean towards the ring tone, horoscope, and dating site variety. It will say something like “This message is to confirm your request for our service. You will be billed $2.99/month until cancelled. If you wish to cancel go to www.?????.com.” Well, when you go to the website, it requires a program to be downloaded that is usually a Trojan – which, if you don’t know, is a great virus for collecting personal data.

Warning Signs

There are some things to keep in mind when you’re reading these. First and foremost, if it sounds too easy and too good to be true…it probably is. I’m not being pessimistic, I’m being realistic. It’s pretty unlikely that you would have won a lottery that you’ve never entered from a country you’ve never been to.

Next on the list of warning signs is the terrible spelling and grammar. The longer these scams have been around, the better they’ve gotten, but more often then not these are written out of a country where English is not the native language so the spelling and grammar are pretty bad. Make sure you watch out for this when reading through these emails.

Third is that if they want cash back, that should be a big warning sign to you. There is no logical reason that someone should want you to cash a check and then ask for the majority of it back in cash. They should be able to take that to their own bank. These are fake checks you’re dealing with. I’ve seen this with traveler’s cheques once, too. I think it was American Express and the person came in with a stack of cheques in $500 denominations. At the time, AE didn’t make them in that high of a denomination. Don’t know if that’s still the case, but if you’re not sure you can always call and ask. And, they can tell you by the serial numbers if they’re fake or not.

If the email you receive is from your bank, call them. Don’t take for granted that it’s something from them because if the email is asking for personal information, then it’s probably not your bank.

Make sure the sites you visit are secure. I’m not suggesting that this is a foolproof way to prevent people from getting your personal information; however, it is better then putting information out there for everyone to grab. There are two big ways to tell if a web page is secure. First, in the address bar, it should read https:// when it is a secured site. If that ’s’ is not on the end, then it isn’t secured. The second method – and one I defer to only after checking the address bar – is the little lock icon in the bottom right corner of the page. If that isn’t there, it’s not secure. I usually look for both because I’ve seen one that managed to duplicate the lock but couldn’t get the ’s’ in the address line.

At the end of the day, it comes down to using a little common sense with these. You are responsible for keeping your personal information to yourself and if you choose to share it with others, you take the risk of being penalized if something goes wrong. It is not your banks’ fault if you choose to proceed with any of these.

Which brings me to the reason I wrote this article. A couple of days ago a woman comes into the credit union with a lottery check. She says she won the lottery and she’s all excited about it. Mind you, this check was a Texas state lottery – which several of our members have won, so we’ve seen it before. She has money already, but I suspect the husband handles the finances. At any rate, she deposits the check and went to the ATM to withdraw a large chunk of that money. She then proceeded to take the money and Western Union it to someone else. She shows up this morning before we opened crying at our door.

She’d told her husband what she’d done and he was furious because he knew it was a scam. They are now out $3000. She spoke to my manager this morning and they sat in the room for two and a half hours. The husband wanted to know why we hadn’t questioned his wife about the check. As my manager explained, there’s a fine line that we draw when it comes to asking people about their money. Yes, if we have an opportunity to save them money, or see that a member would benefit from a product we have, we’re going to offer it. But we don’t outright question people unless there’s a concern. Had the wife mentioned that she was sending money from the check to someone, we would have questioned it. But she said she’d won the lottery and was excited about it, not to mention it was the state lottery and not a foreign lottery, so we saw no need to question the transaction.

In any event, the husband finally calms down and thanks my manager for her help. But, sometime later this afternoon he calls our VP of retail…which is a step down from our president. The husband complains that we should have realized the check was a fake and explained it to his wife. We also should have prevented her from pulling money out of the account. And since we were so incompetent, he was going to take us to court.

Yeah, all I can say to that is good luck. The check looked legitimate and there was no way for us to know since the wife didn’t mention anything. I mean, sure, we could have grilled the wife on the check, but realistically, unless there is something said that makes us question it, we’re probably not going to. The consumer has some level of responsibility for researching something like this before just sending the money to a third party they don‘t know.

In all likelihood, the husband is the one that handles the money and the wife didn’t consult him first. So, he was probably pretty pissed at her and we just got to be the scapegoats. Lucky for them, our VP agreed to give them half of the money back from the credit union. We have no way of recovering that money, but he felt it was the right thing to do, so we did. And it wasn’t the threat of a lawsuit, mind you, because there’s no case here. We did nothing wrong. The judge would have flat out told them they need to be more financially responsible, period.

Please, please, if you get one of these emails, spam it, delete it, or forward it to Homeland Security’s cyber crime unit, but DO NOT give them personal information!!!

So tell me about your experiences with these. Have you fallen for them or known someone who has?

Related posts:

1. Watch Out For Economic Stimulus Scams!
2. Should You Keep Separate Finances?
3. Do You Own a P.O. Box?
4. My friend Tom
5. The ‘12 Days of Christmas’