Tips for safeguarding against cyberthreats
Cybersecurity awareness is key to protecting customers from social engineering scams.
Alexa Martinez was on high alert when one of her older customers asked her to initiate a wire transfer that would essentially deplete his life savings. The wire was going to an overseas account the customer had never interacted with before, and the more questions Martinez asked, the stronger she felt something was wrong. The 81-year-old customer was fuzzy on details, couldn’t provide an address for the receiver, and his general demeanor was off.
“He seemed a little uneasy, and I just told him that this sounds like fraud,” said Martinez, a personal banker in Boise, Idaho. Martinez delayed the transaction and alerted her branch manager, Nick Talik. When they followed up with the customer the next day and asked more questions, they realized that he’d been caught in a tech support scam — cybercriminals had purportedly fixed a problem on his laptop, pretended to credit too much money to his bank account, and convinced him to wire the “excess” money back to them.
“It was a very intricate and smart scheme because they were able to gain access to his computer and lock him out,” Talik said. “He came in and we showed him that there were no extracurricular activities on his account and explained why we couldn’t proceed with the transfer. This was 100% fraud, and we didn’t want him to lose all his money.”
How to safeguard yourself from cyberthreats
Tech support scams are just one form of social engineering scams. These attacks occur when scammers trick victims into sharing confidential information, such as usernames and passwords or other personal information that may be used for fraudulent purposes.
It’s an increasingly common scam that can have severe consequences. The FBI’s Internet Crime Complaint Center logged 467,361 complaints last year, with phishing, extortion, and personal data breach among the most common crime types. In 2019, identity fraud losses rose to $16.9 billion, an increase of 15% from 2018, according to the research firm, Javelin.
Gary Owen, Wells Fargo’s chief information security officer, said customers can help protect themselves from cybercriminals by staying vigilant against potential threats and suspicious activity.
Best practices include reviewing bank accounts regularly, setting up account alerts to help spot unusual activity, and creating strong passwords using an uncommon phrase with a mix of letters and numbers. Customers should not respond to unsolicited phone calls, texts, emails, and pop-ups, or sign on to bank accounts from a link in a suspicious message.
Additionally, business owners should verify all changes to payment instructions using a different form of contact to make sure it’s authentic and ensure they have controls over physical checks and signatures. It’s also important to instruct employees to protect sign-on information and be wary of unexpected authentication prompts or on-screen messaging. They should not click on links in suspicious emails or text messages.
A heartfelt thank you
For Martinez and Talik, their ability to identify the warning signs of fraud earned them recognition from the Boise Police Department after the customer reported the scam to the local authorities. Martinez and Talik issued new debit cards for the customer after helping him secure his accounts, and also set him up with an appointment at a computer repair shop to restore access to his laptop.
“He sent us flowers a few days later,” Martinez said. “He was so grateful, and he knew we had his best interest at hand.”