Mobile payment apps have made sending money easier, but they have also created a new opportunity for scammers.
One phishing scam that US authorities warn about involves the app Zelle – owned by a consortium of major banks including Bank of America, Chase, Capital One and Wells Fargo.
How does the scam work?
The scam starts with a text message. A fake bank fraud alert will ask you to confirm a payment. If you respond ‘no’ you’ll receive a phone call from the scammer. This will be done from a legitimate looking customer service phone number.
On the call, you’ll be invited to ‘reverse’ the fraudulent payment. The scammer will get you to remove your email address from your account and link it to a new account under the attacker’s control. They then get you to send the money to your own email, tricking you into thinking you’re sending money to yourself, rather than the scammer.
Other scammers might masquerade as utility companies, threatening to cut off your electricity if you don’t transfer them money via the app.
How to avoid mobile payment app scams?
Whilst Zelle has been mentioned, this could happen via any mobile payment app. Here’s how to avoid being a victim:
- Don’t respond to unsolicited text messages requesting you to verify accounts. Instead, contact your bank directly via a known customer service number.
- Enable Multi Factor Authentication and don’t give anyone your passwords.
- Beware of red flags, such as pressured deadlines or immediate payment. They’re trying to create panic so that you don’t think critically. Remain calm.
- Don’t automatically believe a caller is legitimate if they know details about you. Large scale data breaches have provided scammers with a lot of personal information.
- Know that financial institutions will never ask you to move money between accounts to prevent fraud.
Unfortunately, with these types of scams, it’s extremely hard to recover your money, because you actually authorised the payment. So make sure you don’t get caught out in the first place.