Avoid Money Transfer App Scams!
Zelle, CashApp, and Venmo are popular money transfer apps that allow you to send and receive money to and from other individuals instantly, just like handing over cash, even if you and your payee have accounts with different financial institutions. You may have used these apps to pay a friend for picking up lunch, a young neighbor for mowing the lawn, or to help a family member who needs a little financial assistance. You may be the organizer of a charity drive or company event and asked your colleagues at work to contribute by “cash or Zelle” providing your email address or mobile phone number to direct the payments your way. While Venmo was first on the scene, Zelle has grown in popularity to become the most widely used money transfer service in the country. In fact, in September Zelle marked its fifth anniversary by announcing that it has sent 5 billion money transfers since 2017 worth $1.5 trillion dollars. Zelle and other money transfer apps are generally safe and make sending and receiving funds quick and easy. However, it is the quick transfer of funds that enables scammers to trick people into making mistakes, sending money to an unknown person, which like cash, is almost impossible to get back.
Tips on Staying Safe in the World of Instant Money Transfers
-
Protect your secure access to money transfer apps! Never share your password with anyone or write it down where it can be found. Never “remember” your password to money transfer apps or your banking apps on your phone and use extreme caution when handing your phone to a stranger or even a technician. Remember, an unlocked phone can be a direct path to your funds.
Lesson Learned: Lisa purchased a new iPhone at her local wireless carrier store. As part of the setup of the new phone, the technician asked that Lisa unlock her old phone so he could transfer the data to the new one. He briefly took the two phones into a back office. That evening, Lisa noticed a transaction on her checking account. A Zelle transfer of $800 was made to an unknown email address during the time that she was in the wireless carrier store making the transaction for her new phone. Because the technician had an unlocked phone and Lisa had saved the password to the Zelle app, there was a direct path open to stealing her money.
-
Do not respond to a phone call, text message or email that claims to be a financial institution or other authority trying to prevent fraud on your account. If you get such a request related to banking with us, hang up and call our Fraud Department directly or contact our customer service team. We can validate whether we have detected fraud on your account. It is more likely a scam.
Lesson Learned: Stuart received a text message that appeared to be from his financial institution claiming that a suspicious transfer of $1,000 was made from his account to another person. The text asked him to confirm whether or not he authorized the transfer, and when Stuart replied “No” a few minutes later he received a phone call from an imposter saying they were a representative of his bank. This is known as the “Reverse Zelle Scam” – it’s a complicated scam, but simple for criminals to execute. The imposter told Stuart that in order to get the funds back (although the funds had never left his account in the first place), he would need to make a “reverse transaction” by sending the money to himself via Zelle. In the meantime, the imposter had already created a new Zelle account linked to the imposter’s own bank account but with Stuart’s phone number. When Stuart sent the $1,000 Zelle payment to “himself” at his phone number he was actually directing the money to leave his account and be transferred to the criminal’s bank account. To complete this transaction the imposter would need to prove that he had control of the mobile phone to which the number was attached. Still posing as a representative of Stuart’s bank, the imposter told Stuart that he would be sending Stuart a one-time passcode to authorize the reverse transaction. Stuart once again complied, thinking the imposter was directing this to happen. Because Zelle payments are made in real time, the money was gone instantly, leaving Stuart with no time to think about it. It wasn’t until later that Stuart realized that there never was a fraudulent transaction of $1,000 until Stuart, thinking he was fixing the problem, actually sent $1,000 to the imposter. Checkout this short video from Zelle that explains this scam.
-
Don’t rely on caller ID or knowledge of your personal information to validate a caller in your mind. One reason that the “Reverse Zelle Scam” and many others work is that the imposter is able to spoof their caller ID to make it look like they are calling from a financial institution (or other organization of authority). Imposters can also be armed with some pieces of your personal information, such as your date of birth or account number. They are very familiar with the transaction processes that you are engaged in and can pretend that they are watching transactions occur on your account in real time, even when they are not. Victims have reported that imposters sound professional and often have a person waiting to pretend to be a supervisor. Never provide any personal information or authorize any transactions in response to an incoming call, text or email. Disengage and call us or other financial institution directly from a known or publicly published number.
Lesson Learned: Sarah received a phone call like the one described above from an imposter claiming to be from her financial institution. Sarah noticed that the caller ID looked like it was from her financial institution, and the caller referenced the last four digits of her account number when she explained the “supposed” fraud. In a new twist on the Reverse Zelle Scam, the imposter instructed Sarah to send only $1.00. Sarah thought that it was a bit odd but couldn’t see the harm, so she logged in and made a $1 transfer to herself at her mobile number. The caller, knowing that the transaction was instant, was able to tell Sarah that the transfer was successful as if he was seeing the transaction occur within her account. Now, Sarah was hooked, totally believing that the caller was legitimate. The caller was then able to get Sarah to disclose her banking login information, and the one-time passcode to authenticate her identity. Now the imposter had access to all of her accounts and was able to change her login information and verification phone number to his own.
These scams can trick even the most alert and informed customer. It’s important to stay vigilant, and remember:
-
Financial institutions will never ask you for your account information or one-time passcodes when they reach out to you by phone, text, or email. It is never wrong or insulting to question the legitimacy of a call and ask that you can call back at the financial institution’s published number.
-
Be wary of any call or text you receive regarding Zelle or other money transfer or payment app in connection to your bank account.
-
Be aware of text messages with misspellings, grammatical errors, or strange links – do not click links from suspicious text or email messages!
-
Be suspicious of any inbound call, text, or email that seems urgent regarding “suspicious activity” or “fraudulent activity” on your account. You can easily check the legitimacy of this information by calling us or other financial institution to verify the information before taking any action.
Check out this article from the Federal Trade Commission on mobile payment scams. It’s important to share this type of scam with family and friends.
Credit Union of Georgia will NEVER call, email, or text asking for personal information or requesting you reset any passwords or PINs.
If something seems suspicious, please contact us immediately at 678-486-1111.
*Content provided by nxgStrategies