National Cybersecurity Awareness Month recently was celebrated in October and, as more Americans and their bank accounts come under attack from cybercriminals, the importance of preventative action becomes that much more critical.
These days, cybercriminals are more sophisticated than ever, leveraging technology to successfully impersonate financial institutions to access a customer’s funds. The risks may only grow. Today, some fraudsters only need three seconds of audio of someone’s voice to create a convincing fake.
According to USAA, these are among the favored routes for cybercriminals targeting bank accounts in 2023:
- Impersonation fraud, namely via text phishing and now vishing
- Account takeovers and wire fraud – Cybercriminals like wire fraud because transactions are harder to reverse. In the U.S., losses from wire fraud hit $2.7 billion in 2022.
- Zelle and P2P payments – In many instances, fraudsters – again posing as banks – convince individuals to move money into ‘safe accounts’ via Zelle. Six of the banks that own Zelle lost $225M in 2022.
As a result, USAA has put together ‘Your Defense Checklist’ to help people protect their bank accounts from fraudsters:
- Be curious, be alert! Imposters come in all forms, from banks to family members to government agencies. Ask questions, especially those only the other person would know.
- When you see a suspicious text, call your bank; don’t let them call you: Fraudsters call you, banks won’t. If you receive a text alert on a suspicious charge, call your bank directly.
- Remember, banks will never ask. Banks will never call and ask for a one-time passcode, PIN, password, or other details.
- Don’t wire or send money to any “safe” accounts. Likewise, banks will never tell you to transfer funds to any accounts to protect your funds.
- Verify, verify, verify! If someone, via Facebook or text, claiming to be a family member asks you to send money, double check. Speak to that person or ask someone close to them to verify the situation.
- For banks, double down on verification. The combination of AI-generated voice and stolen personal data can be convincing. Multi-factor authentication creates another layer of contact to verify the person is real.