You’ve been chatting with someone on a dating site and things seem to be going well. So well, in fact, that you’re already talking finances. The person asked you to conduct a simple transaction at your bank on their behalf. Wanting to build a trusting relationship – you of course agreed. Things must be serious, right?
In reality, your own finances could be in serious trouble. Not to sound alarmist, but each day, scammers are practicing what’s called social engineering — tactics that deviously manipulate you into compromising your own security by voluntarily sharing confidential information.
How can you help prevent yourself from falling victim to social engineering? Awareness and a healthy level of skepticism are the first lines of defense. So go on, arm yourself.
What is Social Engineering?
Simply put, social engineering is when scammers use deception to obtain personal information and use it for fraudulent purposes.
Fraudsters can commit social engineering numerous ways, but in most instances, they fool you into giving them confidential passwords or bank account information. They might also ask for access to your computer. If you grant permission, they can take control of the machine and install software that gives them the ability to see all your account login information and passwords.
Anyone can be a target of a social engineering scam. In 2017, the Federal Trade Commission received more than 755,000 reports of social engineering fraud, which resulted in $555 million lost.
And contrary to popular thought, the young are more vulnerable to social engineering than older generations. According to the same FTC report, 20-somethings lost money more frequently in fraudulent situations than septuagenarians (a.k.a. those in their 70s). Twenty to 29 year olds lost money to fraud in 40 percent of reports filed with the FTC compared to just 18 percent of those ages 70 and older.
What are some common social engineering scams?
You’ve probably heard about the one where an overseas prince named you a beneficiary in their will and needs your financial information to transfer your inheritance.
But you might not be familiar with the following tall tales that scammers hope will swindle you out of thousands, or even tens of thousands, of dollars.
The Sweetheart Scam
Popular online dating sites are where the magic happens these days, but fraudsters often use them to perpetuate this scheme. The con artist acts romantically interested in an unsuspecting person. Once a trusting relationship has developed, the scammer will mail the other person a large check (think: $15,000 to 20,000) for business reasons and request a money order to be sent in return for the same amount. The initial check bounces, leaving the innocent party out a lot of cash.
The Stranded Traveler Scam
Targets receive an email that appears to be from a friend claiming that while traveling overseas, they’ve encountered a problem and need money. The message asks for funds to be wired, along with a promise to repay them once the person is back in the United States. But you guessed it — that money is never repaid.
The New Account Scam
Paying someone to open and manage a bank account sounds crazy, but it’s another common ploy. A new account holder may be asked to make deposits, transfer money to others, or provide account and routing numbers. At some point, the con man will write checks without sufficient funds in the account, leaving the unsuspecting account owner holding a bag of expensive overdraft charges.
The Payday Loan Scam
This scheme is extremely basic. People believe they’re applying for a payday loan, so they fill out an online application. But in reality, they’re handing over all their personal information to a criminal.
The Grant Scam
“Congratulations — you’re the recipient of a grant worth several thousand dollars! All you have to do is provide us your bank account information and we’ll send you the money.” Instead of receiving a financial prize, the victim’s bank account is drained.
The Overpayment Scam
This con can occur with various types of “businesses,” work-from-home companies and vacation rentals are some of the most common. Generally, victims receive a payment that’s more than what was initially agreed upon. They’ll return the excess and deposit the original check, only to learn that there are insufficient funds in the account.
Some con artists may hack email accounts from reputable people that accept payments, like attorneys or real estate agents. Using their name and email address, they’ll send a message directing you to send money to a fraudulent account.
Scammers also impersonate banks and might contact you directly via phone, email or text. This correspondence — which can look and sound official — will ask you to verify personal information, including account numbers, user names, and passwords.
How can you protect yourself against social engineering?
Most importantly, be suspicious of anyone you don’t know and of any request that makes you feel uncomfortable. (Your gut can tell you a lot!) And never, ever give anyone your bank account information, access to your computer, or your email login credentials. Downloading a digital file from someone you don’t know is also a no-no.
These scams aren’t sophisticated, and your level of protection doesn’t need to be, either. Fancy data security programs or high-tech measures employed by financial institutions are important to help protect your digital data, but they’re less effective in keeping you safe if you’ve been swindled into handing over sensitive data to a fraudster yourself.
Simply being mindful — and skeptical — and about the situation can keep your money and your bank accounts more safe and secure.
If you receive a phone call or an email that sounds similar to one of these popular rip-offs, ask yourself the following questions:
- Do you know this person?
- Did you meet this person online? Are they trying to manipulate you, emotionally (i.e., make you feel sad and/or bad for them)?
- Have you shared any personal account information with them?
- Is the person asking you to send money to them?
- Does what you’re hearing sound too good to be true?
Notice a large purchase or withdrawal you didn’t make from your checking account? If you think your bank account has been compromised, contact the financial institution immediately.
Regular account monitoring is also a good best practice to help you spot any fraudulent activity early on. This means checking your transactions before that monthly statement rolls into your inbox. To make tracking and monitoring a bit easier, you can set up fraud alerts, transaction alerts, and/or card controls.
At Ally Bank, we offer our debit card customers the Ally Card Controls app, which allows you to control where and how your card is used and easily monitor your card’s activity. You can set up specific merchant categories or transaction type controls, giving you greater control over your card’s activity.
Now that you know what to look out for – you can get back on that dating site armed with a healthy level of skepticism for scammers.