A month ago I told you about a man in Australia who was scammed out of $22,000 through a sophisticated text message scam. It started with a text message that appeared to be an alert from his bank informing him that someone had just tried to setup a payment from his account to a new payee. The text message went on to indicate that if the new account payment was not legitimate to contact the bank at a phone number provided in the email. One reason that scams like this are often successful is that people do sign to receive text message alerts from their banks and the phone number shown as sending the text message appeared to be that of the Australian’s bank.
In a panic that someone was trying to access his bank account, the Australian called the number and taken through a long discussion with someone who sounded very much like a legitimate bank employee. At the end of the discussion, the phony bank employee told the targeted victim that it was necessary for the victim to transfer a randomly generated amount of money to an account manager at the bank. Why this would be something that should be done if someone’s account had really been hacked makes no sense at all, but by that time, the scammers, who often have a knowledge of psychology that Freud would have envied, had gained the confidence of their victim convinced the victim to transfer $22,000 to an account designated by the bank. He was told that following the transfer, he would receive a confirmation text and his account would be safe.
Of course, he didn’t receive a confirmation text. The entire process was a scam and the Australian has lost his $22,000. Recently, Mary Yu of Melbourne lost $50,000 to a bank text message scam in which the scammer spoofed the phone number of her bank, HSBC and, posing as her bank, lured her into providing access to her account. HSBC refuses to reimburse many of the victims of this type of scam because the victims provide the personal information to the scammers that enables them to gain access to the bank accounts. Ms. Yu is not alone as a victim of this scam. In the last eight months HSBC customers have lost 6.3 million dollars to this type of scam.
TIPS
At the crux of this scam is “spoofing” by which a scammer can make a phone call or text message appear to come from whatever number the scammer wishes use. In this case, although the text message did not come from the victim’s bank, the victim’s Caller ID showed the phone number of the bank as the sender. Trust me, you can’t trust anyone.
Legitimate bank text messages will never ask you to provide sensitive personal information or ask you to make a payment in the event of a possible security breach to your account. If you need to speak with someone in response to such a text message, don’t use the phone number contained in the text message, but rather call the bank at a telephone number you know is legitimate.
Banks throughout the world have got to do their part in helping to prevent this scam and should not be able to hide behind the fact that their customers are being tricked. In the UK recent legislation now allows banks to hold up payment transfers for an extra three days if they have reason to suspect a scam. In the case of Mary Yu, the scammers gaining control of her account raised her daily withdrawal amount to the maximum $50.000 and then withdrew that amount in the same day. This certainly should have raised some red flags.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up using this link. https://scamicide.com/scam-of-the-day/
#textmessagescam #HSBCtextscam