Fraud – Police Federal Credit Union of Omaha

Home >> Fraud

The Growing Threat of Phishing: Protecting Yourself Against Cybercriminals

In the recently released 2022 Internet Crime Report by the FBI’s Internet Crime Complaint Center (IC3), it has become evident that cyber actors continue to plague Americans, with dollar losses escalating by 49%. Among the staggering number of complaints received by the IC3, over 37% were related to phishing attacks. Phishing has emerged as the single most prevalent category of cybercrime, causing significant financial losses, particularly among citizens aged 60 and older. This article delves into the origins of phishing, and its evolution into a top hacking category. It also offers essential tips to help protect you from falling victim to these malicious schemes.

Understanding Phishing

Phishing is a technique employed by cybercriminals to deceive individuals into divulging sensitive information or installing malware on their devices. This method is executed through various channels such as phone calls, emails, SMS texts, or even social media messages. The term “phishing” was coined in the late 1990s when hackers began using email lures to “fish” for passwords and financial data from unsuspecting internet users.

The Evolution of Phishing

The concept of illegal hacking began in the 1970s, long before the introduction of the internet, with a scam called “phone phreaking” or simply “phreaking.” This form of hacking used machine-driven audible tones to manipulate telephone systems to make free phone calls worldwide. By the late 1990s, when hackers began using lures to “fish” for passwords and financial data from unsuspecting internet users, they coined “phishing” as an homage to their criminal predecessors of the 1970s.

Over the past two decades, phishing has become increasingly sophisticated, pervasive, targeted, and costly. In 2022 alone, the IC3 reported losses of $52 million due to phishing attacks. Notably, unreported losses from such incidents are significantly higher, making it crucial to stay informed about the latest phishing techniques and safeguard oneself against these threats.

Types of Phishing Attacks

Email Phishing: Attackers send fraudulent emails that mimic reputable sources, such as banks, government agencies, or popular online services. These emails often create a sense of urgency, urging recipients to click on malicious links or provide personal information.
Spear Phishing: This targeted approach focuses on specific individuals or organizations. Cybercriminals gather personal information to craft tailored messages that appear authentic, often impersonating colleagues, vendors, or clients to manipulate victims into revealing sensitive data.
Smishing and Vishing: Phishing attacks have extended beyond emails. “Smishing” refers to fraudulent text messages, while “vishing” occurs through voice calls. These tactics rely on social engineering to deceive victims into sharing personal information or clicking on malicious links.

Avoid and Identify Phishing Attempts

Stay Vigilant: Be cautious of unsolicited emails, especially those requesting sensitive information or containing urgent requests. Look for signs of poor grammar, generic greetings, or email addresses that don’t match the claimed sender.
Verify the Source: Before sharing any personal or financial information, independently verify the email’s legitimacy or message’s legitimacy. Contact the organization directly through their official website or customer service channels to confirm the request’s authenticity.
Be Wary of Links and Attachments: Hover over hyperlinks to reveal the true destination before clicking. Avoid downloading attachments or files from untrusted sources, as they may contain malware or ransomware.
Strengthen Passwords and Enable Two-Factor Authentication: Use unique, complex passwords for each online account. Enable two-factor authentication whenever possible, adding an extra layer of security to your accounts.
Keep Software Updated: Regularly update your operating system, web browsers, and antivirus software. Software updates often include security patches that help protect against known vulnerabilities.
Educate Yourself and Others: Stay informed about the latest phishing techniques and trends. Share knowledge with friends, family, and colleagues to raise awareness and help them avoid falling victim to phishing attacks.

And remember, if you feel that you are at risk of identity theft, make sure that you have activated monitoring of your credit to be alerted as quickly as possible to credit fraud. But, don’t rest there. Watch your checking account transactions and for suspicious postal mail that may indicate fraudulent accounts opened in your name. If you feel you could be a victim of identity theft, we have you covered! With the Premier Checking account, you have access to Fully Managed Identity Theft Recovery Services. We can provide a professional Identity Theft Recovery Advocate to help you rescue your good name!

Scholarship Winners

Congratulations to the 2022 – 203 Warren A. Morrow Scholarship Winners!

Easten Kinsey, son of Jeremy and Jennifer Kinsey

Ethan Boyes, son of Nicolette Nielsen and grandson of Eric and Deb Buske

Jaxson Leahy, son of Dominique Dillon and Thomas Leahy

Zachary Swanson, son of Michael and Becki Swanson

Protecting the Older People in Our Lives from Becoming Victims of Scams

In the last two decades, the over-65 population of the world has greatly increased, and so has the average life expectancy. In the same period, there have been dramatic advances in technology and a surge in the number of technological devices in most homes. A January 2022 Pew Research study found that 75% of adults over 65 in the United States use the internet regularly. Unfortunately, this increased use of technology brings a heightened risk of fraud for all Americans. In this article, we will address the most prevalent scams targeting our senior citizens and provide simple advice on protecting yourself and your elderly loved ones.

Why do Scammers target Older Americans?

Healthy and ailing seniors are equally targeted, as scammers repeatedly go after the life savings of the older generation. According to the Federal Reserve, at the end of Q1 of 2022, Americans aged 55 and up controlled 67.7% of all the wealth in the U.S. while representing only 21% of the population. Scammers take advantage of seniors’ lack of experience and knowledge about computers and cybersecurity.

Why Many Scams Against Seniors Go Unreported

Falling for a scam is often a source of embarrassment for older Americans as they and their loved ones may see this event as a sign of cognitive decline. But falling prey to these scams shouldn’t be a source of embarrassment, as the individuals committing these acts of fraud are highly trained experts. They successfully target people of all ages and economic and educational backgrounds. These professional criminals know what to say and how to sound incredibly convincing while adding a sense of urgency that the claim they are making must be handled immediately to avoid financial ruin. Even so, the elderly population falling victim to a scam is more likely to go unreported out of embarrassment, shame, fear, or simply not realizing that a crime has been committed. The real numbers are likely even higher because many of these thefts go unreported out of shame or lack of awareness that a crime has occurred. Unfortunately, the average amount people lose in a single scam increases with age but ranges from $600 to $1,6 00. This is only an average. Many higher-value scams have also been reported, upwards of hundreds of thousands of dollars.

Most Common Scams Targeting Seniors

According to a recent National Council on Aging (NCOA) report, scams targeting older adults are rising. In 2021, there were 92,371 older victims of fraud, resulting in $1.7 billion in losses. The five most common scams are summarized below, along with what to do to protect yourself and the seniors in your life.

Government Impersonation Scams

If you receive a call from someone claiming to be from a government agency, such as the Internal Revenue Service (IRS), the Social Security Administration, or Medicare, be wary. Impersonators will attempt to convince you that they are acting on behalf of a legitimate agency. Never give out personal information on the phone or online when you receive a call. Hang up and call back at a published number for the agency, not a number provided to you by the caller. The impersonator may use intimidation tactics to scare you, such as saying that you owe taxes, threatening to seize your assets, or sending you to jail if you don’t act quickly. They may threaten to cut off your social security or medical benefits. Don’t be fooled. They are trying to get you to respond at the moment. A legitimate agency will never use these tactics. Remember, when in doubt… CHECK IT OUT. A legitimate government agency representative will understand if you state that you will call back to verify that this information is correct and not a fraud.

Sweepstakes and Prize Scams

With the lure and excitement of winning something valuable, many victims willingly enter their bank account details to “validate their account” to receive the prize, only to find out later that funds have been removed from their account rather than added to it. Some scammers invoke the name of well-known prize organizations, like Publishers Clearing House, to instill trust, then ask for a credit card number or personal information, all intending to commit identity theft. Vacation scams might indicate a deep discount on a property that either doesn’t exist or isn’t owned by the person listing it. These offers will often stress the urgency of making a down payment immediately to lock in the discounted price. Once victims fall prey to the scam, they may receive multiple requests for information or money from the fraudsters over months or even years.

Robo Call Scams

Robocalls take advantage of phone technology to simultaneously call thousands of phone numbers, hoping to find that one caller that will hold on the line long enough for a scammer to pick up the call. The robocall that everyone knows well is the expiring car warranty. These types of calls continue because they work based on the number of calls made across the country. If a person, in particular, an elder American, actually takes this call, they may purchase unwanted and unneeded items or worse. Criminals also use these robocalls to phish for personal information using a variety of pretenses. One very simple and dangerous technique used by scammers is the “Can you hear me?” scam. In this scam, the caller starts the conversation by saying, “Can you hear me?” They record the older person saying “yes.” The scammer convinces the elderly person to provide a credit card number, whether it’s a phony product or an intimidation scheme, claiming an “impending lawsuit” or fines from a government agency or police. If the senior objects to the charges, the scammer can use the recorded “yes” to state that the elder “consented” to the charges.

Computer Tech Support Scams

Whether a website pop-up, an email, or a phone call, Tech Support scams are an effective way to dupe unsuspecting people into providing confidential information, credit card information, and, worse, remote control to their computer. Older citizens who may lack knowledge about computers and cybersecurity are particularly vulnerable to this scam, which goes like this. A pop-up message or blank screen on a computer or phone telling the victim their device is damaged and needs an urgent fix or data, especially precious photos, could be lost forever. When the victim calls the provided support number for help, the scammer will try to gather as much information as they can, which will help them commit other forms of fraud or identity theft. The cybercriminal may also request remote access to the older person’s computer, allowing access to credit card and bank account information. The fraudster may claim a small fee for the service, not much so that it does not set off any alerts, but the real prize is the credit card number provided for the payment, which can be used for additional fraudulent transactions later. According to the FBI’s 2021 Elder Fraud Report, the Internet Crime Complaint Center (IC3) fielded 13,900 tech support fraud complaints from older victims who suffered nearly $238 million in losses.

The Grandparent Scam

Many Americans over the age of 55 have grandchildren. As a person approaches age 70 and up, those grandchildren may be teenagers or young adults. This is a predictable audience for perpetrators of The Grandparent Scam. A caller may start the call with an urgent or upset tone, saying, “Hi, Grandpa, do you know who this is?” This question instantly lowers defenses, implying that this must be someone you know. If an unaware grandparent says the name of a grandchild, the scammer will confirm, instantly securing their trust. “Is this Billy?” “Yes, it’s Billy, Grandpa. I’m in trouble.” The scammer will ask for money for urgent financial needs like a disabled vehicle, school loans, or jail bond. The criminal will ask that the grandparent pays via gift cards or money transfer so they can access the money and remain anonymous. In other versions of this scam, the caller may pretend that they are an arresting officer or lawyer, even going so far as pretending to be a courier hired by the grandchild and going to the home of the elder to pick up cash or cards.

While these five scams are the most prevalent, they are not the end of the line.

Other Scams to Watch Out For

Counterfeit Prescription Drugs, COVID Prevention, and Fake Anti-Aging Products. These prevalent online scams are useful to criminals to gather credit card and other personal information of unsuspecting seniors by selling substandard or ineffective treatments, which is not only a financial risk but also a health risk.
Fake Employment Opportunities. NCOA states that Over 15 million (or roughly 1 in 3) older adults aged 65+ are economically insecure, with an average annual income of only $25,760. In addition, these seniors may see a need to help other family members with their financial challenges. These situations make the elderly susceptible to fake “work from home” scams. The purpose of this scam is to gain the personal information of the senior, especially their Social Security number, which the scammer can sell on the black market or use for identity theft, further complicating the victim’s financial woes.

Sweetheart Scams. Those who have recently lost a spouse or are isolated due to medical concerns or other circumstances are especially vulnerable to people seeking to form a bond through friendship or romance. Unfortunately, heartless and unscrupulous scammers know this as well. People you meet on the internet could have a long-term motive (a year or more) to gain the trust and access to the savings of unsuspecting seniors. People 70+ years of age experience the highest incidence, with an average loss per victim of almost $10,000.

How Can You Better Protect Yourself and Your Loved One? Follow these tips from the FBI.

Recognize scam attempts and end all communication with the perpetrator.
Search online for the proposed offer’s contact information (name, email, phone number, addresses). Other people have likely posted information about individuals and businesses trying to run scams online.
Resist the pressure to act quickly. Scammers create a sense of urgency to produce fear and lure victims into immediate action. Call the police immediately if you feel yourself or a loved one is in danger.
Be cautious of unsolicited phone calls, mailings, and door-to-door service offers.
Never give or send any personally identifiable information, money, jewelry, gift cards, checks, or wire information to unverified people or businesses.
Ensure all computer anti-virus, security software, and malware protections are up to date. Use reputable anti-virus software and firewalls.
Disconnect from the internet and shut down your device if you see a pop-up message or locked screen. Perpetrators regularly use pop-ups to spread malicious software. Enable pop-up blockers to avoid accidentally clicking on one.
Be careful what you download. For example, never open an email attachment from someone you don’t know, and be wary of email attachments forwarded to you.
Protect your identity if a criminal gains access to your device or account. Immediately contact your financial institutions to place protections on your accounts, and monitor your accounts and personal information for suspicious activity.

How Can You Protect Your Loved Ones?

Keep your elderly family members and friends up to date about scams circulating online.
Ensure that a trusted family member or financial advisor monitors loved ones’ bank and retirement accounts, watching for suspicious withdrawals.
Stay in touch! Regular visits and phone calls will keep you connected with your loved ones, lessening their chance of falling victim to a scam that targets those who feel isolated. In addition, your family member might mention a strange email, a new way to get their medicine, or sweepstakes they have entered – all of these are red flags.
Share articles like this with them and others who help with caregiving needs. Staying current about what techniques scammers are using is the best form of protection.

As mentioned, a primary or secondary motive in these scams is collecting personal information that the criminal or others later use to commit identity theft. If you feel that you or an elderly family member has fallen victim to identity theft, call us immediately to speak to one of our Identity Theft Recovery Advocates. Quickly recognizing and addressing the issue will minimize damage to your accounts and identity. In addition, Premier Checking Account holders have access to specialists around the clock who can answer your questions, address your concerns, and advise you on the best next steps to get back on track.

Unemployment Fraud: How it Works and How to Fight It.

Across the nation, identity thieves are exploiting the COVID-19 pandemic by committing Unemployment Benefits Fraud, which is filing for and collecting unemployment benefits fraudulently by using the identity of someone still employed. This type of scam is very difficult to detect. Sometimes the employer is the first one to know that a scam has taken place by receiving a notice of an unemployment claim from employees who are still very much employed.

Let’s take a quick look at how this scam works. It is important to know how to react quickly to minimize the damage.

Fraudulent claims of unemployment are rampant. States’ unemployment offices across the nation have been targeted for fraudulent claims of unemployment even before the pandemic began, but the activity level has drastically increased over the last year to the point that it is the number one type of identity theft issue reported. Fraudsters are counting on the fact that the unemployment office is overwhelmed with claims, and the state is trying to minimize the financial impact of the pandemic on suffering citizens by processing the claims more readily than it might in the past. If criminals flood a particular state with bogus claims, pressure mounts to move documents through the process, and that just makes it easier for fraudulent attempts to get approved.

How unemployment fraud works. The identity thief collects the personal information of an individual, along with the individual’s place of employment, through one or more previous data breach incidents. Unfortunately, this is all too easy. The thief files for unemployment benefits in the state of residence of the individual, impersonating the worker. The thief typically requests that the funds be deposited into a bank account set up for this purpose.

Alternatively, claims filed by scammers can result in the issuance of a check or payment card. The thief may succeed in using an alternate mailing address which directs payment to their location. Or if that doesn’t work, after the fraudulent claim has been filed the scammer may contact the recipient by phone or email, posing as the state’s unemployment office, instructing the unsuspecting employee to “correct the error” by transferring the funds to them.

This type of unemployment fraud is very difficult to detect. In fact, a worker may not know that they have been a victim of unemployment fraud unless:

They apply for unemployment benefits and learn there’s already an open claim in their name.
They receive a form 1099-G listing unemployment income that’s subject to federal income tax.
They receive notice from their state unemployment office confirming that a claim has been filed.
Or more commonly, they receive notice from their employer that someone has filed for unemployment benefits in their name.

You are not alone. If you are a [name of covered account] account holder you have access to Fully Managed Identity Theft Recovery which provides a personal Identity Theft Recovery Advocate to work with you if you suspect identity theft or you have seen confirmed identity fraud. Your Advocate will advise you on steps to take to resolve identity theft, and when possible your Advocate will act on your behalf to perform the legwork necessary to help you dispute and recover from fraud.

How to address fraudulent claims of unemployment. If you discover that a bogus unemployment claim has been filed in your name, you should do the following:

Contact your Identity Theft Recovery Advocate. While there are limitations on what your Identity Theft Recovery Advocate can do in the case of Unemployment Fraud they can be your guide to move through the process of recovery. At the same time, they can help you uncover any other type of identity fraud that may be lurking in the shadows. Or, you may use the information below and report the fraud to your state’s unemployment office and to your employer before calling an Identity Theft Recovery Advocate.
Either before or after you speak to your Identity Theft Recovery Advocate, notify your state’s local unemployment agency. Your state’s unemployment office will not allow a third-party to be on the phone or file a complaint of fraud on your behalf, so this step will be necessary to perform on your own. Some states have made this step easier by setting up a website to collect complaints of fraudulent claims. Check this option for your state before you attempt to file a claim by telephone. Filing a complaint on the web is typically faster and more accurate. Use this website to find the appropriate way to report unemployment fraud in your state of residence.
Inform your employer. The state’s unemployment office will contact your employer to verify the claim of unemployment. Hopefully, funds will not be released until this verification is received. If your employer notifies you of a bogus claim, ask your human resources department to report the fraudulent activity to the state’s unemployment office. Make sure you also notify the unemployment agency yourself as there will need to be confirmation from both parties.
Be wary of anyone attempting to contact you about a fraudulent unemployment application. It is possible that your state’s unemployment office will contact you regarding a report of a fraudulent unemployment claim, asking for further information. If you have already been notified by your employer of the fraudulent activity or if you have received confirmation of an application for benefits from the state, then this may be a legitimate call. However, the high incidence of unemployment, coupled with the growing awareness of rampant employment fraud, makes people susceptible to a very simple, but effective telephone scam. There may be no fraudulent application for unemployment in your name at all, but the caller makes you think that you have been a victim of unemployment fraud. The caller will go on to ask you to verify personal information, including checking account numbers, Social Security number, date of birth, etc., which is the information needed to commit many types of fraud and identity theft. If you were not a victim before the call, you may be one by the end of the call. The best course of action is to politely tell the caller that you will call back to the agency on a published number. You may also want to check with your employer to see if they have received a claim for unemployment benefits in your name. If not, this may be a scam.
Stay vigilant to other forms of identity theft. Your Identity Theft Recovery Advocate will help you understand the risks of other types of identity fraud. Make sure that you have activated credit monitoring and dark web monitoring and pay close attention to alerts. Get back in touch with your Identity Theft Recovery Advocate if you see any additional suspicious activity.
Be part of the solution. If you suspect unemployment fraud is connected to email or bogus websites or social media accounts, file a report at the FBI Internet Crime Complaint Center at https://www.ic3.gov.