3 Common Bank Scams Targeting NFCU, Bank of America, and M&T Bank

This article is from Trend Micro.

One thing we can all agree on is the fact that merely the thought of being scammed is scary. However, if there is perhaps one type of scam that, above all others, nobody wants to fall for, it’s a bank scam. If you were to fall victim to one, you could lose access to your bank account along with all the money linked to it.

Keep on reading to learn about three clever bank scams that have been circulating recently so you can avoid getting scammed.

NFCU Alert Scam

Although Navy Federal Credit Union is a credit union rather than a bank, we thought we’d include it in this post because this scam has been spreading like wildfire.

The NFCU text scam is a type of smishing (SMS phishing) scam. Scammers have been impersonating Navy Federal Credit Union and sending out text messages telling people that a large payment has been made from their account.

Source: Reddit

The messages are clever because they provide people with a link to cancel/resolve the payment issue, preempting the fact that they will be shocked to learn of it and have a strong desire to fix it.

However, if you were to click on the link, you wouldn’t be taken to the legitimate NFCU website, you would be taken to a copycat version of the real site designed to steal your login and personal information.

Known NFCU alert scam URLs:

• navydvfedcu[.]org
• navycu1fed[.]org

 Bank of America Phishing Scam

Just like the NFCU alert scam, this Bank of America scam is also a smishing scam. We’ve detected it spreading across a lot of the US, with most activity in California, Florida, and Texas.

In their malicious text messages, the scammers try to scare potential victims with various fictional issues. Below are two examples of the messages.

• bofa alerts and security : due to irregular activities your bofa debit cards has been disabled. please log in and review recent transactions at {URL} failure to verify recent activities may result in account closure. reply stop to opt-out of all bofa alerts.
• bankofamericaonline: alerts: due to new online updates your online banking has been temporarily blocked to stop fraudulent use. please visit at {URL} to opt out of message alerts reply stop messages & data rates may apply
   
  The two messages use different scare tactics, but with the same end goal: to get people to click on the embedded links. When clicked on, the links lead to the page in the screenshot below.

As you can see, there are fields for all kinds of personal information including card number, its expiration date and CVV code, and even Social Security number! Armed with this information, scammers could steal all your money and commit any number of other crimes!

Known Bank of America phishing scam URLs:

• alertsandprofilesca[.]com
• prepaidboaonlineservices[.]com

M&T Bank Phishing Scam

Although its goal is the same as the other two scams mentioned in this post, this M&T Bank phishing scam has been spreading via email.

Claiming there have been “suspicious transactions”, the scammers try to get potential victims to click on the green “View account activity” button. Of course, as you no doubt will be able to guess, when clicked on, the button leads to a malicious page designed to steal personal information.

If you’ve received this email, don’t interact with it in any way. Just delete it.

Known M&T Bank phishing scam URLs:

• www[.]romsdeals[.]com/wp-content/wp-contacto/h0k3ts/redir/?m=victim@domain.tld
• readi[.]com/wp-content/wp-contacto/h0k3ts/redir/?m=victim@domain.tld

How to Protect Yourself

• Be highly suspicious of messages that claim to be from your bank.
• Double-check the sender’s mobile number/email address.
• Always go to your bank’s official website directly instead of using links from unknown sources.
• Use Trend Micro Check to detect scams with ease — for FREE!
   
  Trend Micro Check — our 100% FREE browser extension and mobile app — can protect you against scams, malicious websites, dangerous emails, and lots more! If you come across something dangerous online, you’ll be alerted in real time so you’ll know to stay well clear.

As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.

Source: pexels.com