A bill pay scam is a serious type of fraud that could affect members at any financial institution. Bill payment scams often involve people taking money from your bill pay online account, which draws funds from your checking account to make payments. In order to do this, a scammer makes you believe they are from your financial institution in order to gain your online banking credentials.
If you believe you have been impacted by a scam like this, contact your financial institution immediately. Here’s what you need to know about these bill payment scams and how our members were impacted in a recent fraudulent text message that was sent out.
Bill Pay Scam Overview
Bill pay is a simple process and one that is fully secure. However, there are risks to anyone using any digital method to make payments that you should know about and plan for. The bill pay scams we have noticed recently involve one or more steps that aim to:
Gather sensitive information (i.e. online banking credentials)
Set up a payment made to them instead of to the intended party (i.e. impersonating a reputable business)
Access your account using the credentials you accidentally provided to set up a payment to a third party that you have not authorized to do so
Scammers can do this for several reasons, but they often contact you asking for personal sensitive information and may even pretend to be a member of a company you know and trust. They often achieve this by “spoofing” a business’ phone number so that it shows up on the caller ID of your phone. In the recent scam impersonating HFS FCU, the scammers sent out a text message with a link and text urging quick action. Clicking on the link took the member to a fake HFS online banking login screen where, by entering login information, scammers were able to access that information and use it to log in to the member’s account to set up a bill pay transaction.
Typically, scammers operate in such a way as not to allow you to see what they are doing, which is why bill pay is often ideal. Most people who use bill pay set up automatic payments and rarely log into their accounts to use it. Scammers also changed the contact information within the account (email, phone number) so that they could use bill pay undetected and not have any notifications sent to the member via those methods.
Online bill pay is still a very helpful and safe tool that could save you time and money. What matters most is protecting your information to keep a scammer from accessing your account. Be sure to never share any personal, sensitive, information with anyone. This includes your social security number, account number, online banking login information, debit or credit card numbers, etc. Also, one helpful tip is to protect your personal information by not accessing your account on open portals like free Wi-Fi hotspots.
Impact on HFS FCU Members
Monitoring what is occurring with your account at all times is critical to your financial well-being. The consequences of bill pay scams, or any other scam include financial losses that could be difficult to recover quickly.
Not only is there the financial loss that comes from the scam, such as taking money from your account, but your personal information could be at risk. That could include your name, contact information, and account numbers. That is why you should do all you can to safeguard your accounts.
How to Spot the Bill Pay Scam
Scams can be tricky and are not easy to spot, even for those who may have a good level of confidence in using technology. Here are some of the clear signs and red flags you need to know to identify a potential bill pay, or other, scam.
Transactions on your account you do not recognize, including payees you don’t recognize
A phone call where you are asked to verify your personal information. No matter who they say they are, don’t give out your personal information. Hang up and call the company they are impersonating directly from a phone number you trust.
Emails or text messages that want you to click on links to access your account. Don’t click the link and, instead, visit the website you already know and trust.
Emails or text messages that want you to download files or forms – it’s not necessary to do this in nearly any situation. Check with the company you know directly and do not click on any attachments.
Requests for your social security number as a way to identify you via a phone call or other method of communication you are not expecting. Do not give out your social security number.
The video below walks through the recent text scam impersonating HFS FCU step by step, even pointing out the red flags to notice indicating that the request is fraud.
How to Take Preventative Measures
You can protect yourself and your information by being vigilant at all turns. If you do not recognize someone for any reason, and that person is asking about your account or for any sensitive information, do not provide any information and disconnect the call. If a request is received by email or text message, do not respond or click on any links or attachments. It is best to block the sender and delete the message.
Before you provide any information, consider the following tips:
Verify any payment requests. Do not simply make a payment because a payment request is received.
Always use secure communication channels. That includes only onsite chat tools, emails directly to our company’s website, and phone calls you make to us.
Monitor your accounts often and consistently. If you spot something wrong, contact us immediately for help.
Stay in the Know
Online scams continue to grow and change. As we learn new ways to protect ourselves, thieves find other ways to obtain information. Therefore, staying current on new types of scams and how they work is critical.
The Federal Trade Commission’s IdentityTheft.gov website allows you to report any scams, and help build a recovery plan if you were affected.
As your trusted financial partner, cybersecurity is something we take seriously. We are constantly working on ways to educate our members and provide resources on types of scams, warning signs, and what to do if any information is compromised by a scam.
If you are a victim of a bill pay scam, or any other type of scam, we encourage you to contact us for assistance at (800) 216-2666 or visit your nearest branch.
You are leaving the HFS Federal Credit Union website. HFS Federal Credit Union provides links to external sites for the convenience of its members. By clicking “Continue” you will be directed to an external website owned and operated by a third party. These external websites are not controlled by HFS Federal Credit Union and HFS Federal Credit Union makes no representation or warranty, express or implied, to the user concerning the information, content, presentation, accuracy or opinion of these sites or the quality, safety, or suitability of any software found on these sites. The privacy policies of HFS Federal Credit Union do not apply to external sites and users should consult the privacy policies on these sites for further information. Thank you for visiting the HFS Federal Credit Union website