nxg|ALERT - P2P Payment Platforms Scams are on the Rise
Unfortunately, phishing scams involving Peer-to-Peer (P2P) payment networks are growing faster than the platforms and regulatory agencies can keep up. In late 2021, the CFPB issued an order to the largest P2P firms, Apple, PayPal, Venmo, and Zelle as a few examples. They requested access to their business plans and practices to better understand the consumer protections embedded in their systems. Ultimately, the CFPB will likely use this to provide enforcement of regulatory and consumer protection requirements in this space. Until then, fraudsters and scam artists are left with a wide open field to develop creative ways to steal information and money from unsuspecting consumers. This scam is good, actually too good. We think it's important to share immediately with your account holders to help them become aware of these sophisticated P2P scams. Feel free to pass along the following information to your account holders.
As the world of banking becomes increasingly complex, cybercriminals are using it to their advantage. Peer-to-peer (P2P) payment services are becoming the new method by which scammers are focusing their efforts, and the most recent one you should be aware of is the Zelle fraud scam. This scam works and is piggybacking off traditional payment alerts.
Here's how it works. Scammers blast out text messages to consumers disguised as a payment alert text, ex: "Alert- Did You Attempt A Zelle Payment For The Amount of $$$?" Reply YES or No". The unsuspecting consumer naturally replies back, after which they are contacted by a fraudster requesting their online banking information as "verification". The scammer then is able to reset the consumer's online banking password and transfer funds using Zelle to other accounts. Because Zelle is a P2P payment service, the transaction happens very quickly, sometimes while the victim is still on the phone.
There are also plenty of other ways that fraudsters will use P2P payment systems to scam consumers. Check out this article from the Federal Trade Commission on mobile payment scams.
How can you protect yourself from this type of fraud? Follow these three critical actions:
Never give out your account information or your personal information to someone who calls you. Even if it appears that the person is calling based on a legitimate-looking email or text message.
Call your institution at a number that is NOT from the communication you received. Scammers can rather easily spoof official-looking phone numbers to make it easier for them to look legitimate. Use only phone numbers found on the financial institution's official website, or preferably from within your financial institution's online baking session or the back of your debit or credit card.
Research before you reply. The simplest thing, like logging in to your online banking to see if there are strange or unverified transactions, can help you determine if the text or email you received is from your financial institution. Take a few extra minutes to research what the communication is telling you to see if you can verify that it is from your institution.
While educating your account holders about the ongoing dangers of breached data, please also remind them that their financial institution is thinking ahead. You have given your account holders the power of professional Identity Theft Recovery Advocates standing ready to help. When identity theft strikes, we have your back!
Please contact your NXG Strategies Client Manager if you have any questions or you need assistance.