How to Prevent Person-to-Person Payment Scams

Person-to-person (P2P) payment options have certainly made paying back borrowed money to friends and family very convenient. From going out to eat and splitting the tab, to chipping in for a gift, or paying a trusted contact for a service – P2P payment services have made our lives quick and easy. However, if you are a user of a P2P payment service such as Zelle, Square Cash, PayPal, Venmo, Facebook Payments, Google Wallet, Apple Pay, Payzur, and the like – buyer beware.

Continue reading to ensure you know how to spot a P2P payment scam so that you don’t fall victim to this type of fraud. P2P scams are extremely serious, because the victim unfortunately usually is not protected from money lost and fraudulent access to their account(s).

Why are victims of P2P scams usually not protected?

Due to the fact that P2P transactions are consumer initiated, there is not much protection when a fraudulent transaction occurs – because technically the consumer authorized the transaction. Whether it’s the actual consumer or a fraudster who initiated the payment service transfer, there really is no way to prove it. In addition, user error is often not covered either. Most P2P apps have user agreements prior to first time use, where the user agrees when money is sent through the app – any losses are on the user, since they authorized a transaction.

Recently, Zelle’s P2P service added a measure to help prevent users from sending money to the wrong person. Zelle now includes a pop-up warning if a user is trying to send money to someone who is not in their contacts, which makes them think twice before allowing the funds to leave their account.

How does a P2P scam work?

A P2P scam is basically an account takeover scam. Fraudsters will send text messages to an unsuspecting consumer, appearing as if the message is coming from the individual’s financial institution.

  • The text will usually appear to come from the individual’s financial institution (aka: spoofing) and will warn them of suspicious debit card activity.
  • For those who respond to this fraudulent text, the fraudster will call that consumer also spoofing the financial institution’s phone number – and claim they are from the bank’s fraud department and would like to verify a suspicious transaction.
  • The fraudster will then try to get the unsuspecting consumer to verify their identity, and let them know a passcode will be sent via text message – and that the consumer must provide the passcode over the phone.
  • Once the fraudster has that passcode, they’ll attempt a transaction that triggers another two-step authentication passcode (such as forgot password so they can reset the consumer’s password, or they’ll try to initiate a P2P transaction).
  • The fraudster now has access to all of the consumer’s accounts within Online Banking, as well as access to their P2P payment service if one is provided through the bank (such as Zelle) – and will begin using P2P payments to transfer money to themselves.

And unfortunately, there is not much that can be done once this happens – because it appears that the consumer approved the P2P transfer. Since the fraudster spoofed the financial institution phone number, they more than likely won’t be caught either – once it’s recognized that a scam occurred.

How can I make sure I don’t become a P2P scam victim?

  • Only send money to people you actually know. P2P transactions are instantaneous (meaning they happen within seconds) and are often irreversible.
  • Get all of your recipient’s details prior to initiating a P2P payment. Before you press “send” or “pay,” be sure you have the correct user name, phone number, photo, or other identifier. If you incorrectly enter a recipient’s email or phone number, the money could go to the wrong person and you may not get it back. Some P2P services offer the option of receiving a special code to confirm that the person you’re sending money to is your intended recipient. If this feature is available – use it.
  • Confirm you know how to get help if something goes wrong. Before using a P2P service, search the app for procedures and customer service contacts. Know who to reach out to if you have a problem.
  • Keep your app updated. Hackers usually look to exploit vulnerabilities. If your software is not up to date, you’re missing out on protections. Be sure automatic updates are turned on so you know you’re covered.

While P2P services are a useful and convenient way to pay those you know without having to go to the ATM or get change – it’s important to also be aware of the risks and ways to avoid fraud while using them.

Always remember that your legitimate financial institution will never ask you for your login credentials, passcodes, or user name. If you have additional questions or concerns about P2P payment services or have been a victim of a P2P scam in relation to a First Financial account, please give us a call at 732.312.1500 or email us at info@firstffcu.com.

Article Sources:

CUNA Mutual Group 2019 Peer-to-Peer Payments Risk Overview

CUNA Mutual Group Risk Alert – Sophisticated Scams Lead to P2P Fraud (May 12, 2020)

6 Summer Fraud Scams to Avoid All Year

Here are summer’s most prevalent financial scams that are catching consumers by surprise. However, many of these scams are ongoing all year long and you should be on the lookout for them constantly.

1. Gift cards, secret shoppers, and fake offers.

How the scam works: Consumers are drawn in by a phony email or social media post to become a “secret shopper” in exchange for some form of financial gain. When a consumer agrees to participate, the fraudster seals the deal by delivering a very large counterfeit check. The criminal then asks the consumer to deposit the check and purchase gift cards with the funds – keeping a small portion of the proceeds as compensation for being the “secret shopper.” The victim is asked to email photographs of the gift cards, front and back, so the criminal can use them immediately – before the counterfeit check has a chance to bounce.

The takeaway: The bounced check and all associated damages are the responsibility of the consumer because the criminal and his or her email address are long gone by the time the check bounces.

2. “You can never be too rich or too thin” and other email scams.

Some consumers are attracted to “get rich” and “get thin” offers, and unfortunately an age old diet scam has surfaced again, targeting consumers with spam emails. When an unsuspecting consumer signs up for the “self improvement” deal, that individual agrees to recurring billing for the proposed service.

The takeaway: This ongoing billing arrangement is difficult to stop. And, in some cases, the stolen card information used for payment is also used for other fraudulent purposes.

3. Counterfeit money orders.

Fake money orders are frequently used for online purchases from websites like Craigslist. The problem is that high quality counterfeit money orders are hard to distinguish from the real thing.

The takeaway: If you think you could potentially have a counterfeit money order, call the U.S. Postal Service verification line at 1-866-459-7822. The U.S. Postal Service can verify the authenticity of money orders 48 hours after they are issued – and they can also offer tips on how to recognize fake money orders in the future.

4. “MSN” help desk fraud.

This form of fraud is usually directed at the elderly. A criminal calls an unsuspecting consumer and warns that his or her PC – however seldom used, is riddled with viruses. The fake technician offers to assist, and then dispatches the victim to a local big box store to buy prepaid gift cards which are given as payment for the tech support services.

The takeaway: Losses to victims of this scam can soar well into the thousands – and the criminals are willing to take every nickel without remorse. Some big box stores have started to try and identify consumers who may be embroiled in these scams, but they can run into roadblocks when victims are either mentally incapacitated – or reluctant to admit they have fallen for a scam.

5. Card cracking.

This rip-off scheme typically victimizes the younger crowd. A fraudster reaches out to a young person via social media and convinces the potential victim that they can both benefit by helping each other out – with the young account holder receiving a small sum of $100 or so, as compensation for cooperating with the fraudster. The victim then gives the criminal access to his or her online banking credentials, so the criminal can deposit counterfeit checks into the account. The fraudster also typically requires the usage of the account holder’s debit card and, in some cases, accompanies the co-conspirator to an ATM to perform withdrawals against the counterfeit checks that have been deposited. This is especially troubling if the account holder is a minor in the company of an adult criminal.

The takeaway: All financial damages, including non-sufficient funds checks, fall back onto the young consumer. And that easy $100 profit? It was fake as well.

6. Direct mail scams.

Bogus but official looking letters are delivered every day to random consumers with stern requests for Social Security Numbers and other personally identifiable information. Some of these letters are printed on what looks like big bank letterhead and in all cases, there is at least one “official looking” hard copy form that the consumer is asked to fill out and return.

The takeaway: The addresses on these letters and the return envelopes provided are criminal addresses. They are not P.O. boxes belonging to actual businesses or financial institutions. The main objective in this instance is identity theft, and this scam has been known to be very convincing to consumers.

Bottom Line: An informed consumer is an empowered one. Recognizing the signs of fraud will reduce your risk of becoming an identity theft victim.  Don’t wait until it’s too late! Enroll in Sherpa identity theft protection from First Financial. The best part? You can enroll right online, 24/7. You can trust in First Financial and Sherpa to help keep your personal information protected. Packages begin at just $5.99 per month – so click here to enroll today!

Article Source: John Buzzard for Co-Op Financial Services

6 Tips for Protecting Yourself Against Robocall Scams

With the rise of automated telemarketing — otherwise known as robocalling, it looks like the annoying calls have evolved. If these automated calls could simply be chalked up as the digital version of cold calling, it would be the least of our worries. But many of them are deliberate scams designed to trick people into sharing their account details, social security numbers, and other personal information. Based on consumer reporting, the Federal Trade Commission estimates there are 2.6 billion of these calls each month!

Maybe you know better than to give personal information over the phone, but some scammers can use any response you give, even a simple “yes.” For example, one of the robocall scams circulating last year started with the line “Can you hear me?” If someone answered “yes,” the response was recorded and used to authorize fraudulent charges on the victim’s accounts over the phone.

Some robocall scams will impersonate familiar entities like the IRS or charity organizations. In one recent scourge of fraudulent robocalls, recordings posed as Google account specialists. Another tactic these scams use is known as spoofing — calling from a phone number that will look familiar to you, perhaps sharing the same area code or prefix.

Authorities are cracking down on this type of fraud, but they are still far from eradicating the problem — if that’s even possible. Meanwhile, there are many ways you can protect yourself from becoming a victim of a robocall scam.

1. Don’t answer the phone for an unfamiliar number. If you answer, immediately hang up. Do NOT speak or key any responses.

One of the first lines of defense is not to interact with these machines at all. Answering and immediately hanging up is the next best thing, but you’re likely to keep getting more calls. It’s better not to give any indication that you’re a “live” target.

2. If you responded to a call in the past and suspect it was a scam, check your accounts.

Don’t feel too bad if you’ve fallen for one of these scams — they’re designed to fool the best of us. Simply check your accounts for suspicious activity and change important passwords. Contact your bank or credit card company immediately if your account has been compromised. In fact, checking your account regularly is a good practice. Add it into your routine – it really doesn’t even take that long, and soon will become second nature.

3. If you suspect you may have received fraudulent calls, report them.

These kinds of calls, even if they aren’t exactly scams, are illegal in many cases. Never hesitate to report suspicious calls to the Better Business Bureau’s Scam Tracker or the Federal Communication Commission’s (FCC) Help Center. Even if the scammers didn’t get to you, reporting them will make sure they don’t get to anyone else.

4. Ask your carrier if they have a robocall blocking service.

In November 2017, the FCC approved rules that give carriers more license to block suspicious calls. If there’s a service in place, make sure you opt into it.

5. Fight back: install a robocall-blocking app on your mobile device.

Just as telemarketers have shifted their efforts to cell phones, robocall scams are increasingly targeting mobile phones. Apps such as “Robokiller,” “Nomorobo,” “Should I Answer?” and “Hiya” use robot-detecting technology to create another line of defense between you and the latest scam.

6. Keep your number to yourself.

Just about every online form asks for a phone number, but you don’t have to give this information away. The more your number gets out there, the greater the chance robocall scammers will get their hands on it. Treat your phone number like it’s a part of your personal identity and guard it carefully.

If you feel that any of your First Financial accounts may have been compromised as a result of a scam, please contact Member Services at 732-312-1500 Monday through Friday 8am-6pm EST, or Saturday 8:30am-1pm.

Article Source: Jessica Sommerfield for Moneyning.com