Learning Center

Hi, I'm Mark, the host of SAFE Cents! Welcome to our Learning Center, a place where you can improve your financial health.

Thank You For Your Payment Scam

Blog Post
2 min read
Thank You for Payment Scam Graphic

Phishing is a type of “social engineering” where a scammer (threat actor) tries to collect personal information from you. It occurs when a user receives a fake message via social media channel or email from a hacker or social engineer posing as a legitimate business. The message may contain a nefarious link leading to an unsecure page that could put your security and privacy at risk. Another common method is to ask you to enter information into a fake website that looks and feels just like the real one.

Scammers have become increasingly sophisticated and convincing, so remember never to share information unless you are sure of who you are sharing with.

Current Scam

June 2021: There have been recent instances of social engineering where it is reported that threat actors will send text messages and emails to online/mobile banking members pretending to be from a legitimate business. The text/email essentially thanks the member for their purchase/payment and provides a phone number to call to “If there has been a mistake”. When a member calls this number, the bad actors will request login credentials to their online banking profile, to issue a refund. If access is given, the bad actors will then have the ability to transfer funds out of the members’ accounts through various products.

Emails are being sent out that look like they are from Norton Lifelock, Microsoft, and McAfee, a company that sells antivirus and anti-malware software.example of a scam email

(HINT: the emails are NOT from these companies.)

The emails state that a charge between $350 to $499 for a security product — maybe an auto renewal or new order, has posted or will post against your account. If this is a mistake, the email says, you should call immediately.

(HINT: don’t.) The threat actors constantly change the email subjects, but they all pretend to be a billing subscription from a well-known security company. As these are fake billing notices, the hope is that the recipient will call the number to be tricked into giving remote access to their computer.
 
Some scammers/threat actors might ask you to “verify” your credit/debit card information, while others might say they need your password to remote into your computer so they can remove the Norton program. But if you let them, they could install malware, block you from getting to your own files, and sell you worthless services.

So how are these scammers operating? To cancel the subscription, scammers require you to visit a support site, which pretends to be a BestBuy Geek Squad support site. From there, scammers walk users through downloading AnyDesk remote access software and are told how to enable it for unattended access. After the “fake tech” installs a security program; users are instructed to open a Notepad window and input name, address, phone number, and date of birth, which the scammers will say is needed to process the antivirus subscription refund. This access will be used later to install malware or enlist the device into the threat actor's spam botnet.
 
Unfortunately, many people fall for these scams and provide threat actors remote access to their computers. Sadly, it is even more common for older people to fall for this scam as they may not have much experience with computers and are told attackers are trying to drain their bank accounts.
 
The best line of defense against scam emails is never to call a phone number included in an email stating that you owe money. Instead, you should visit the company's site and contact the number listed there to confirm if an email is valid or not. Even more importantly, no legitimate company will require you to give them remote access or ask you to download software to process a refund. As soon as a person tells you to do that, you should immediately consider it a scam and hang up the phone.

Be Cautious of These Red Flags When it Comes to Protecting Your Financial Security:

  • E-mails that contain urgent requests for personal or payment information.
  • E-mails that are not personalized with your name.
  • E-mails with links to the business’s website; the link could say the correct information, but it directs you to a fake site. Ensure that the link directs you to the correct website or enter it manually in your browser. 
  • If you are submitting credit/debit card information, make sure you are on a secure website. The beginning of the Web address will be https:// not just http://.
  • Watch for transactions that are not yours and report any discrepancies right away. This is where SAFE FCU Online and Mobile Banking can come in handy!
  • If you are online dating, be wary of someone who builds a relationship with you and then asks you for money. It’s possible that person is a scam artist.
  • Never disclose credit/debit card, account or personal information to someone you do not know or are unsure of. 

The U.S. Federal Government hosts On Guard Online which provides tips on how to protect your identity and online security against fraud.