October 19, 2022 · Credit, Investment, Savings, Security

It’s National Cybersecurity Month; Be Careful When Making Digital Payments

October highlights two very important events, one of which is well known, while the other is not quite as famous—Halloween and National Cybersecurity Awareness Month. National Cybersecurity Awareness Month (NCSAM) is a combined effort of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCSA); it unites government and industry to raise cybersecurity awareness nationally and internationally. Another of NCSAM’s goals is to help individuals protect themselves online as threats to technology and confidential data become more commonplace.

Cybercrimes can victimize anyone and they are increasing

Cybersecurity is important, since cybercrime’s effect on people’s lives can be very frightening and cost people money and their identity. According to the 2021 Internet Crime Report from the Federal Bureau of Investigation, “In 2021, America experienced an unprecedented increase in cyber attacks and malicious cyber activity.” Of the top five crimes in the report, identity theft ranked second and personal data breach ranked third. The Federal Trade Commission (FTC) highlighted in its 2021 Consumer Sentinel Network Data Book how most of last year’s consumer fraud money losses occurred: “Bank transfers and payments accounted for the highest aggregate losses reported in 2021 ($756 million).” Not all crimes are reported to government authorities, so the total amount of crimes committed and money lost is probably higher.

There are many types of digital payment apps, platforms, networks and services

According to the World Bank, “Two-thirds of adults worldwide now make or receive a digital payment.” The popularity of online and mobile banking means that digital payments will let us pay almost anyone, anywhere, any time—and virtually instantly. There are different online and mobile payments apps and services that operate both nationally or internationally. Some services are independent companies, while others are owned by larger organizations, such as PayPal® owning Venmo.

A few of the popular digital payment apps, platforms, networks and services in the United States are:

  • Alipay
  • Apple® Pay
  • Cash App
  • Google® Pay
  • Google® Wallet
  • PayPal
  • Remitly
  • Samsung® Pay
  • Venmo (owned by PayPal)
  • Zelle®*

How some scammers trick consumers into revealing account details

All of these types of payment technologies listed above make payments faster, and they have various types of security measures built into them, but they can’t completely prevent users from being tricked into making a payment to a scammer, or letting a fraudster gain access to a user’s account. Scammers can fake phone numbers and email addresses, they can obtain your address, find out what companies you have financial accounts with, and even obtain some of your account information.

An imposter crook can contact you and convincingly imitate a customer service representative from a bank or credit union, and it can be challenging to know if someone is speaking with a legitimate representative or a fake. These fraudsters will first contact and then alarm their victim with some purported “emergency” with their account that must be fixed right away, gain their trust with account details—and then they trick the anxious victim into revealing confidential details that make their account vulnerable to theft.

Even people who are skeptical when contacted by someone claiming to be from a reputable financial institution can be fooled; these scammers are very good at their type of crime, and there is no absolute immunity to being tricked. But there are actions that can be taken that may help make digital payments more secure and avoid scams.

Don’t assume your financial institution can always protect you from scammers stealing your money

A financial institution cannot know who its customers or members are talking or emailing with, and it cannot stop a customer or member from revealing account information or sending money to a fraudster. Your bank or credit union cannot help you unless you contact it and tell its representative that someone may be trying to get access to your account(s).

If a financial company’s customer or member willingly decides to send money to someone, if sending the money is their personal, voluntary decision—even if the funds are going to a crook—that payment is legal, authorized, and the responsibility of the sender.

Suggestions for enhancing the security of digital payments

Delta Community will never call, text, or email its members to ask for checking, savings or investment account details; ATM, debit or credit card Personal Identification Number (PIN) or their telephone access (IVR) PIN. We will also never ask members to send money electronically as a test or share one-time passcodes received via email or text.

Here are recommendations that could make personal digital payments safer:

  • Don’t always send money quickly. You may need to pay someone, but if you do not know them, don’t make a digital payment. Digital payment scams are effective because an electronic payment is very fast and similar to giving someone cash. Always be wary of anyone saying there is an emergency and they need money from you right now. Delaying a payment provides more time to verify that the person contacting you is authentic, and allows time to consider if the payment has to be made electronically or could be accomplished with a slower paper check from a checking account.
  • Only send money electronically to people you know and trust. When you make an online or mobile payment, it’s almost immediate. Because it’s fast, crooks want electronic payments from their victims. Scammers will take your money and then won’t deliver the service or goods for which you’ve paid. Therefore, be very careful about who you are paying; you should only make digital payments to family, friends, colleagues and people that you know and trust.
  • Have your recipient send you a request for funds first to help prevent sending money to the wrong person. Having a request for payment come to you first from the payee, along with the payment details—such as the amount—helps you have accurate information and know that your payment will go to the right person. This precaution is especially useful when you are sending a first-time payment. You also need to make certain the recipient is using the same app or payment service as you.
  • Confirm the recipient’s details before making a payment. If you type in the wrong name, email address, U.S. mobile number or payment amount, then you might send money to the wrong person and/or send the wrong amount. Always double check details—name, amount of money, email address or phone number before sending.
  • Avoid having someone pay you by paper check and then ask you to return some of the money electronically. This activity could be a fake check scam, and the FTC has details on how these work. After giving a check to you for more money than you’re owed, the scammer will then ask you to send some of the funds from the check back to them using a digital payment. The scammer will make up excuses for sending too much money, but the check is fake and no money from it is going into your account. A check can take seven days or longer to settle, clear and deposit funds into your account, but a digital payment is much faster. Any money sent back quickly to the scammer is based on a false deposit, and your financial institution may expect you to repay the money from the fake check.
  • A legitimate financial institution (bank, credit union or other company) will not call you and ask you for account details, or ask you to test payment apps by sending money. If an “agent” calls from your financial services company and says there is an emergency with your account and you need to confirm account details or test sending money immediately—don’t do it; it’s likely to be an imposter running a scam to steal your money. Hang up and call your financial institution using a number from the company’s website and ask to speak to a representative and then check if anything unusual is happening with your account. If you are a Delta Community member, and if someone tries to get personal financial or other information from you, hang up immediately and contact our Member Care Center via our toll-free number at 800-544-3328.
  • Set up your app to require two-factor identification. Most apps have some safeguards built in by default to prevent someone that’s not you from accessing your account and transferring money. If your app doesn’t automatically require some method of additional authentication, such as a PIN, a passcode (usually a set of numbers that might be texted to you), or a fingerprint, then set up two-factor identification (also called multi-factor identification) immediately. By doing this you have extra security for confirming access to your accounts.

Digital payments have great benefits; they’re easy, fast and efficient, but remember to be cautious when making them. The U.S. Consumer Financial Protection Bureau and the FTC offer thorough recommendations on making safer payments, and Delta Community has more advice below.

*Zelle and the Zelle related marks are wholly owned by Early Warning Services, LLC and are used herein under license.