Published on: June 24, 2024
By: Webster Bank
Have you ever received an email with a similar message like these? “We suspect an unauthorized transaction on your account. To ensure your account is not compromised, please log in to your online banking profile below to review your account activity.”
While your first instinct might be to panic and quickly follow the instructions to protect your account and your funds, STOP. The email you received, or others like it, are most likely examples of a popular scam called “phishing,” – and it involves Internet fraudsters and identity thieves who send fraudulent emails, spam, or pop-up messages to trick unsuspecting victims into providing their personal information like your Social Security number, bank account information, credit card numbers, passwords, or other sensitive information.
According to Verizon’s 2023 Data Breach Report, phishing scams account for nearly 36% of all data breaches in the United States—accounting for more than 5 million events—and were the second costliest source of compromised credentials.
Phishing emails are a form of impostor fraud in which the senders mimic the email addresses and communications formats of various legitimate retailers, banks, organizations, or government agencies. The message may ask you to “update,” “verify,” or “confirm” your account and personal information. The recipients of some scam emails are requested to click on an included hyperlink, which directs them to a fake website. The goal of any phishing email is to trick you into divulging your personal information so the perpetrators can steal your identity and use it to commit fraud.
What makes these types of scams dangerously effective is that they rely on social engineering to quickly gain your trust and engage in seemingly straightforward tasks that, under the surface, compromise the security of your accounts and can ultimately lead to the theft of your money or identity.
Moreover, new developments in artificial intelligence and large language models have led to incredibly sophisticated phishing attacks capable of learning and exploiting user behavior at a scale never seen. According to security firm Persona, some fraudsters are even using generative AI to harvest information about their targets using social media profiles and other digital fingerprints to create uncanny impostor accounts capable of sending emails that are virtually indistinguishable from legitimate communications – learning and optimizing over time and scaling fraud attempts to unprecedented levels.
Legitimate companies don’t ask for this information via email. If you are concerned about your accounts, contact the sender of the email using a telephone number you know is legitimate. Do not attempt to contact the sender using a phone number in the suspicious email.
Only click on links or open attachments from an email if you know the sender and are expecting the email.
Don’t reply to the email or attempt to contact the senders in any way.
If you did click on a link in the suspected email, don’t ever give any information on the bogus website it brought you to.
Ensure your computer is protected with spam filters, anti-virus and anti-spyware software, and a firewall, and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Some malicious software, a.k.a. malware, has the specific purpose of obtaining the login credentials to your online financial accounts.
Review all your credit card and bank account statements as soon as you receive them to check for unauthorized transactions.
If you think you’ve been scammed, file a complaint and visit the Federal Trade Commission’s (FTC) Identity Theft website for more steps to take to protect yourself. Victims of phishing can become victims of identity theft. Protect yourself, your accounts, and your devices from these attacks, and educate your children and parents on what to look for and how to avoid becoming their next victim.
All deposit products are provided by Webster Bank, N.A. ("Webster Bank"), an insured FDIC institution. BrioDirect is a sub-brand of Webster Bank. Webster Bank operates under the trade name BrioDirect. This trade name is used by, and refers to, Webster Bank, a single FDIC-insured bank.
Accounts that are opened via www.briodirectbanking.com and marketed by BrioDirect are Webster Bank accounts. Deposits in these accounts are made with Webster Bank. For purposes of determining how much FDIC insurance is applicable to your accounts, you need to consider all accounts maintained with Webster Bank, N.A., such as CD, checking, savings, BrioDirect online accounts and cash held in health benefits accounts with HSA Bank.