MANCHESTER, NH – St. Mary’s Bank had already scheduled a fraud seminar for the public for next week, when the latest wave of scams hit. In this one, scammers call or text potential victims from a number that looks like it’s from the bank, asking for card information.
“These tend to come in waves,” Shirley Bhutto, senior vice president, director of ERM and compliance for St. Mary’s, said Thursday of the locally focused scam. The bank has plenty of experience in general with scams that look to separate customers from their money, but every once in a while one that targets bank customers with spoof numbers takes hold.
The latest spoofing scam isn’t unique to St. Mary’s. Many banks, both locally and nationally are experiencing the same uptick.
Recent bank failures and vendors updating their information has led to an uptick in scams, Capital One, a national bank with a strong online presence, told customers in an email blast this week.
“Scammers are using this moment of change to take advantage of unsuspecting customers. By preying on common anxieties, fraudsters can trick you into sending money to a phony bank account or providing your personal banking information,” the email said.
The latest scams are just part of a growing trend banks have had to deal with as technology and online banking become more common. People have become comfortable with banking online, and combined with the ability to transfer money lightning-fast to people all over the world, scammers have perfected their methods.
A study released this week by online fraud security company Social Catfish found that New Hampshire residents lost $2.6 million to romance scams in 2022, where someone gains a victim’s confidence, often by pretending to be romantically interested, and then defrauds them of money. Granite Staters lost $18.3 million overall to fraud in 2022, according to the Federal Trade Commission, and $29 million to all types of internet crime, according to the FBI – and that’s just the fraud that was reported to consumer and law enforcement agencies.
Bhutto said that the issue is not online banking, which is safe. “But you have to put the right protections in place,” she said.
St. Mary’s in recent years has held an annual seminar for bank customers and the general public to educate them on scams and how to protect themselves. This year’s is scheduled for 6 to 7 p.m. Wednesday, May 3. With the recent increase in scams, particularly the spoofing one, the bank plans another one for June 8.
Bhutto said the seminars underline the fact that the consumer is in control of not becoming a scam victim. The seminars are a way of getting people to pay better attention to what type of information they should give out, and to whom.
“It’s easy stuff,” she said.
Fraudsters in the latest scam ask for the victim’s debit card number, expiration date, the CVC security code and PIN. Since the call or text looks like it’s from St. Mary’s, people assume it’s legit.
“But we don’t ask for your information,” Bhutto said. “We already have it.”
A big issue is that people tend to behave differently with phone, digital and online interaction than with in-person contact, particularly if they’re told it’s urgent. Bhutto pointed out you likely wouldn’t comply if someone you didn’t know was standing in front of you saying, “Here’s a check for $3,000, give me cash for it,” or “Can I access your account?” But people do when it’s a text, phone call or email.
“There’s a fear factor” with online or phone contact, she said. People are told they have to act right now or something bad will happen to their money, account or transaction. Bhutto said that nothing bad will happen if the potential victim slows down, doesn’t give in and checks with the bank.
“Customers are protected,” she said.
One disturbing trend is that scammers tell people not to tell their bank about the transaction or interaction. “They’re being told to lie,” she said.
“We have to keep saying ‘We’re the ones who are here, we are here to protect you.”
Another issue is that customers feel they’ll be judged or are embarrassed about telling their banker they’ve been scammed. She said that scam victims shouldn’t be concerned about that. “We’ve seen it all,” she said.
The spoofing scam isn’t the only one that banks deal with. Since most scams involve an unwitting victim giving money to the scammer, bank accounts come into play in a number of scams.
One popular scam that takes on many forms involves gift cards. In one, the victim is given a counterfeit check, told to deposit it and use the money to buy gift cards. In some, the victim is asked to buy gift cards to pay for something, without being given the counterfeit check.
In both cases, the victim gives the gift card numbers to the scammer, either by texting a photo of the numbers, including the PIN, or giving them the numbers over the phone.
The scammer has the gift card access information, and the victim is out the money, sometimes in the thousands of dollars, that they used to buy it, or them. If the check was counterfeit, they’re responsible for the amount deposited into their account.
The scammers give the person some reason the check has to be deposited and the gift cards bought immediately, so it usually all is done with before the bank determines the check is counterfeit.
“A gift card is a gift, and that’s it,” Bhutto said. They should not be used for any other purpose.
Bhutto said that St. Mary’s sees one or two counterfeit checks a month, and tellers and other bank staff are trained to spot them, as well as red flags for other scams.
Educating the staff is part of nipping scams in the bud, she said.
That said, the consumer is the first line of defense. Bhutto said that even if the person on the phone or in the text is threatening some kind of disaster, don’t give them information. Hang up and call the bank – at its official number, not the potential scam number – and ask to talk to someone about what was said on the phone. She said bank officials would rather someone hung up on a legitimate call from the bank than lose money to a scam.
Scammers are schooled in how to defraud people, and can be very convincing, she added. “These people do this for a living, they know what to say.” But the bank “is here to protect you for a living.”
Ultimately, the consumer has the power to make sure they understand red flags and how to protect themselves.
Industry experts and fraud prevention advocates offer these tips to avoid getting scammed:
- Set up notifications on your phone so you are aware whenever your account is accessed.
- Never share card PIN, online banking user ID/password, or any other access method with anyone, including joint owners or anyone claiming to be from your bank.
- Never respond to unverified text/email/calls or click links, and don’t assume a link is legitimate just because it has your bank’s number. Call the bank directly at its official number if you have concerns about unauthorized transactions or inquiries.
- Make sure any email address that purports to be from your bank is the bank’s official email, and website is the bank’s official website.
- Never lie to your financial institution when asked about taking money out of your account.
- Never allow anyone to remotely access your device by entering keys/commands or go to a website and download software…even if they threaten you, say you’ll lose money or go to jail.
- Don’t use gift cards for any kind of transaction or buy them at a stranger’s request.
- Don’t ignore unfamiliar bills or debt collection, it could be a sign someone has opened an account in your name, using your information.