Text Message Scams
Telephone and email were once the communication methods of choice by scammers attempting to perpetrate fraud. Now, according to an analysis released by the federal agency in June, bogus bank fraud warnings were the most common form of text message scams reported to the Federal Trade Commission (FCT). But now, scams have become more sophisticated. As a result, customers are seeing money disappear from their bank accounts after responding to text messages they believe are security alerts sent by their banks.
According to an analysis released, bogus bank fraud warnings were the most common form of text message scams reported to the Federal Trade Commission (FCT). Many of the text messages impersonate well-known banks, like Bank of America and Wells Fargo. The analysis found that consumers lost $330 million to text message scams in 2022, more than double what was reported in 2021.
Deborah Moss, owner of a small catering business, told CBS News that she lost her life savings of nearly $160,000 after replying to a text message. It all started when Moss received a text purporting to be from her bank, Chase, asking about an unauthorized $35 debit card charge from another state.
Shortly after replying to the text, someone posing as a Chase Bank employee called Moss. The caller ID even showed the name of the bank. The caller introduced herself as “Miss Barbara” from “Chase ATM.” She asked Moss for authorization to cancel the allegedly fraudulent debit card and issue a new one in its place.
The alleged “Miss Barbara” then said she needed Moss to verify her identity by reading the number from a subsequent text message back to her over the phone. The following week, “Miss Barbara” contacted Moss many times, complaining that the card had not arrived and asking Moss to confirm her identity by repeating the numbers from successive texts.
“And I would just repeat those numbers to her, and she’d say, ‘That’s great. Thank you so much, Ms. Moss,'” Moss told CBS News.
The shocking reality did not come to light until Moss went to the bank branch that was closest to her. A bank supervisor told Moss that her account had been emptied of over $160,000. As it turned out, the text messages asking Moss to authenticate her account were authentic: they were sent by Chase Bank as part of its two-factor authentication system, designed to enhance customer security.
However, the con artists were tricking Moss into giving them the numbers over the phone, which allowed them to get through security safeguards and withdraw substantial sums of money from Moss’s account. The fraudsters made six wire payments, the largest of which was approximately $48,000, in only one week.
“That was all my money,” Moss told CBS News. “It took me 12 years to get that money, and that was my life savings.”
Banks are not the only focus of fraudsters. According to the FTC, fraudsters also send text messages regarding the following:
1. Bogus Free Gifts
The text message claims you can receive a free gift, reward, or prize money from a reputable company. But you must first click on the link and pay a shipping fee with your credit card. The con artist uses the credit card number to make fraudulent charges.
2. Fake Package Delivery Problem
Text messages purportedly from the U.S. Postal Service, FedEx, or UPS claim there’s a problem with a delivery. The message has a link that, if clicked, takes you to an authentic-looking website, where you are directed to submit your credit card number. People also reported giving their personal information, including Social Security numbers.
3. Fake Security Alerts From Amazon
Con artists use Amazon’s name to commit a variety of frauds, including texting customers to verify a “big-ticket order” that customers did not make. The scammers ask customers to call the number in the text to straighten out the matter. A phony Amazon representative offers to “fix” the account and get them a refund. The fraudster, however, asks for remote access to a customer’s phone. But then the phony Amazon representative says a couple of zeros were accidentally added to the refund, so they need customers to return that money to them—often by buying gift cards and giving the cards’ PIN numbers.
According to the FTC, text scams work because scammers use the speed of text communication to their advantage: They hope you won’t slow down and think over what’s in the message. While con artists still use phones and emails to carry out their schemes, the FTC reports that scammers prefer texting since more than half of consumers text daily, making texting more common than any other communication method, including voice or email.
For example, the federal agency says that text message open rates are estimated to be as high as 98 percent and response rates as high as 45 percent, compared to email open and response rates of 20 percent and 6 percent, respectively.
To protect yourself from text message scams, security experts advise:
• Do not share personal account information such as ATMs, PINs, passcodes, credit card numbers, or Social Security numbers.
• Do not click on or respond to suspicious links in unexpected texts or emails.
• If you want to confirm that you are actually speaking to a representative of a bank, call the number on the back of your card or visit your local bank branch. Keep in mind that banks usually do not initiate phone calls.
Security experts also urge the public to stay hypervigilant and be suspicious when someone unexpectedly contacts you and asks for sensitive information. There is no guarantee that you will recover the money you lost to scammers.
In an effort to get her stolen money back, Moss reported the theft to the police and filed a claim with Chase Bank. Sadly, the bank rejected her claim. Moss told CBS News that Chase sent her a letter, which read in part, “During our review, we found you did not take the appropriate steps to protect your account from theft or unauthorized use.” Moss was devastated and felt betrayed.
“My world fell apart,” Moss said. “My whole world fell apart. You think of your bank as being some place that you put your money so that it’s safe but it’s not safe. It needs to change.”
David Weber, a certified fraud examiner and forensic accounting professor, holds Chase Bank accountable for failing Moss and failing to put greater security measures in place.
“Anyway, you look at it, they failed. They failed her,” Weber told CBS News. “The bank could have required her to come in and sign the wire form in person. They left everything for her to be at risk, and now they’re saying they bear no responsibility.”
Weber also believes that the current two-factor authentication systems, which include text messages, are not sufficient to fight against the “increasingly sophisticated tactics employed by scammers.”
“This is happening hundreds and thousands of times a day in the United States using the exact same methods here,” Weber said. “The two-factor authentication is not strong enough to protect this customer.”