Avoid Financial Account Phone Scams
The Michigan Department of Insurance and Financial Services (DIFS) is alerting consumers to an increasingly common scam in which victims receive a phone call or text from someone claiming to be from their financial institution in an attempt to gain access to financial accounts to steal funds.
In this scam, the victim receives a phone call or text message that appears to be from the financial institution's legitimate phone number with a technique known as "spoofing." In the call or text, the scammer lies to the victim about an issue with their account, such as an unauthorized purchase or overdraft, and then assures the victim that they can resolve the issue during that call or texting session. The scammer asks the victim to verify account credentials or personal information and then uses that information to log in and initiate transfers and transactions to steal money from the victim's account.
Under no circumstances should consumers provide a person calling them with information about their financial accounts. Here are the most important steps that consumers can take to avoid falling prey to these scams:
- NEVER give personal or account information to anyone calling YOU, even if the caller says that it is for "verification purposes." Personal information or identity verifying information should be provided only to organizations or companies that you have called or initiated contact with.
- If the person contacting you says that there is a problem that must be resolved immediately, hang up and call the phone number that you know will get you to someone who can be trusted with personal or account information. This could be the phone number on your debit or credit card, account statement, or on mailed correspondence from the company. Do not call phone numbers provided in text messages or voicemails by the person contacting you.
- Use multifactor authentication measures in addition to a password to log into accounts, such as a security code sent via text message or email. Do NOT provide this security code to anyone under any circumstances. Other multifactor authentication measures can include a scan of your fingerprint, retina, or face on a mobile device, or a passcode via an authentication app.
Individuals who believe they are a victim of fraud should first contact their financial institution or the company that the compromised account is with to attempt to resolve the issue.