How to detect bank phishing scams (12 Things banks will never do)
Recently the rise of bank phishing scams has grown to such a large extent that it is no longer possible to ignore the risks. Everyone is being targeted by spam and messages claiming to be from the bank. Hackers and cybercriminals are getting smarter regarding hacking with social engineering. The key to being safe is to know when the email or message you receive is a fraud. Here are 12 things that a real bank will never do but hackers and criminals will. Learn how bank phishing scams happen
Table of contents
- 1) Message or email asking for details to “confirm” it’s you
- 2) Asking you to install a banking app via email.
- 3)Give you a deadline of 24 hours before your bank account deletes itself
- 4) Send you a link with a document or a link as shown below.
- 5)Use shortened URLs in an email
- 6) Send a courier to pick up your “faulty” bank card
- 7) Phone scam asking for info
- 8) Email you at a new number or email address without warning
- 9) Use an unsecured web page or website
- 10) Address you as “Dear customer” or dear “email@example.com.”
- 11)Sends a personal message with a blank address field
- 12) Email you asking for lots of information
1) Message or email asking for details to “confirm” it’s you
Your bank may text you on occasion for security reasons, and in cases, there is some suspicious activity on your account – but a bank will never ask you to confirm your details, such as passwords in a text. Banks also don`t update their data in this way.
They will not send you such mail. If you’re suspicious, don’t click on links and respond to emails don’t call any numbers. Instead, call your bank on its “official customer care” number and verify if the text is actually from them. You can learn more about phishing and fake links here.
2) Asking you to install a banking app via email.
Banks will never ask you to update your app via email or install any app via email. You should always use apps only from the play store. Avoid all other sources.
These are malware that is targeted at you. The moment you install such apps, your system will be compromised, and your account hacked. Do not install those.
3)Give you a deadline of 24 hours before your bank account deletes itself
Many legitimate messages from your bank may have tags such as urgent or important– particularly those related to suspected fraud or suspicious activity. But any message with a deadline is fake. Banks do not give deadlines over email. And banks do not close accounts directly.
They will take proper legal procedures, and you will be notified of the same in person. Hackers create a sense of urgency to convince the target and not check the message properly. Also, phishing sites are detected by authorities and closed down. Any message saying that they will close your account with a deadline is fake. This is a bank phishing scam
4) Send you a link with a document or a link as shown below.
The new banking Trojan emote has been discovered in the wild. You can read more about it on the quick heals blog and research paper.
Such emails and links contain malicious attachments like doc, pdf, Xls, js, etc. Once a user opens such an attachment, it will download and launch Emotet on your system compromising all passwords and security.
Your bank will not distribute apps, documents in such a way – instead, download from official app stores. Download documents from the official website only.
5)Use shortened URLs in an email
Cybercriminals have started using shortened URLs to trick victims. I have already made an article on how to check and verify links. Make sure you verify any link before clicking it. Many exploits can compromise your system with a single click. So it’s always better to secure your system properly and always check for links to ensure they are real.
Do not fall for any mails or links claiming to be from the bank.
6) Send a courier to pick up your “faulty” bank card
Here you get a phone claiming to be from your bank, and they say that they need to replace a faulty bank card. One of the new services they offer is courier replacement – and the bank tells you that a courier will arrive shortly to collect the faulty card.
When the courier turns up, he will ask for your card PIN as “confirmation”. And soon – all your money magically disappears. This scam has targeted thousands of people, and many are falling victim to it. Do not fall for such scams.
If your card is actually faulty, then a real bank will instruct you to destroy it completely, and send you a replacement by post to your address as stated during account creation.
7) Phone scam asking for info
An old scam method where you get a call from either “the police” or “your bank” says that fraudulent transactions have been detected on your card or bank account. Then they will play the bank tone trying to appear legit and then ask you for a password or other sensitive information.
Banks will never ask for any such details. It’s your responsibility not to fall for such scams. Anything related to the banks goes to the bank directly or their official website. Do not fall for these obvious bank phishing scams
8) Email you at a new number or email address without warning
If your bank suddenly contacts you on your alternate mobile number or the alternate email address that you have not given to the bank, it is a scam. Banks will never add numbers and email addresses to your account without your explicit confirmation and your manual action.
If anyone claiming to be from the bank asks for any such info. Contact the bank and inform them of the scam. Report such criminals so that they are caught and punished.
9) Use an unsecured web page or website
If you’re on a “real” website of your bank then, it will always be much more secure and have HTTPS encryption along with the authority of signing. Do not trust any website with a weird name. Check the URL and confirm that it is actually the real website. You can always refer to the verify link article for a more in-depth analysis of verifying links. This is an important method to save yourself from bank phishing scams.
10) Address you as “Dear customer” or dear “firstname.lastname@example.org.”
Banks will always address you with your name and title – i.e. Mr. Smith, or Mrs. Smith. They will also add another layer of security by quoting the last four digits of your account number. This is to reassure you it’s a real email and not a phishing email. Any emails starting with “Dear customer” or “Dear [email address]” are fake and are mostly automated spam used to scam people into giving out their data. Do not trust any email with such obvious signs of being fake.
11)Sends a personal message with a blank address field
If you receive a personal message from your actual bank, it should be addressed only to you – not just in the message, but in the email header as well. Ensure that the email is legitimate. I have also written an email on how to trace back emails and verify their origin. Hopefully, it will help you know if the email is fake.
12) Email you asking for lots of information
If you see a form or an email asking for a large amount of information, close the link and call your bank. A bank will never do such a thing. Even for password changing or in case of any suspicious activity, they will ask you to contact the bank or change the security passwords from the official bank website. They will never ask for passwords pins on emails. Any such mail asking for bank details is fake. Do not respond to such emails. Report them as spam.
Banks will never donate money to your account and ask for account information. If you are that gullible then please seek some professional help regarding account and bank security to protect you and your money from bank scams
I hope you learned a lot of new things about bank phishing scams if not then check out other articles on the website. I’m sure you will find something to meet your needs. Be safe and stay safe on the internet.