The New York State Division of Consumer Protection is warning New Yorkers about a text phishing scheme targeting cell phone users with an attempt to steal their information. Fraudsters are impersonating financial institutions in New York state, claiming that a customer’s account is compromised “due to unusual activity,” but the message is actually an attempt to deceive the recipient into sharing personal information.
How the scam works
Someone poses as a representative of a financial institution to obtain information such as a credit card number, bank account number or social security number. The message usually asks the user to confirm their account information, make a payment or claim a prize. The link may also ask the users to click on the link inside the text, which directs them to a phony site that looks like the financial institution’s website, or it may install malware onto their device.
What to do
The Division of Consumer Protection, along with the state Office of Information Technology Services recommend the following precautions if you receive an unsolicited text message from a financial institution:
- Inspect the sender’s information to confirm that the message was generated from a legitimate source, but don’t click on the link or call the number on the text.
- Do not respond to the text. Even writing STOP will let the scammer know your number is genuine, and they may sell your number to other scammers, making the problem worse.
- Remember, financial institutions will never ask you to provide confidential information through text. Requests to do so, as well as poor spelling or grammar, are telltale signs of a scam.
- If you are suspicious, call the alleged financial institution directly to understand the protocols for alerting customers of potential fraud.
- Do not post sensitive information online. The less information you post, the less data you make available to a cybercriminal for use in developing a potential attack or scams.
- Keep an eye out for misspelled words, which are used to bypass a phone carrier’s filter system for fraud.
For more information on phishing scams and steps to mitigate a phishing attempt, visit the state Office of Information Technology Services Phishing Awareness resources page or the Division of Consumer Protection Phishing Scam Prevention Tips page.