Uh-oh. Someone’s trying to get control of your online banking account.
How do you know? That text you just received said so:
So, you reply “NO.” After all, you’re not aware of any shenanigans and you were just online. Everything seemed secure.
But your “No” text gets a reply – another text with a toll-free number telling you to call now to change your username and password for security reasons. OK, maybe this is serious. You dial the number and get someone who says, “Your Bank Client Protection.”
Your gut tells you something doesn’t sound right, so you hang up.
This is just one of the latest examples of smishing – an attempt at fraud by text message that’s become common place. It may be from someone claiming to represent your bank, a utility company or a big-box store trying to get your identity and credentials. But there are usually some hints that something is amiss.
5 Signs of a Scam Message
- Misspelled words
- Letters that should not be capitalized
- Incorrect grammar
- Banks like Regions will never call and ask for financial/personal information. We will never ask you to provide or change your password over the phone.
- A link that doesn’t look right — hover over links to view the URL before clicking.
Our example above shows that fraudsters are getting more sophisticated because the spelling and grammar passed muster. In this case, there were still some red flags.
First, your bank wouldn’t list your online ID like that in a text. Second, when you reply NO, they wouldn’t ask you to change your username and password over the phone. Oh, by the way, when they give you a phone number, it doesn’t match up with the one on your bank’s website. Do not proceed.
“These types of scams are becoming more prevalent, but Regions is working hard to protect our customers,” said Kimberly Reece of the Fraud Strategy Customer Experience team. “While we may initiate a text or email to confirm a specific transaction, it’s important to remember that we will never ask for your financial or personal information. If you’re ever unsure about who you’re communicating with, don’t respond — hang up and contact us directly.”
So, what do you do if you think you’ve been targeted for fraud via email, phone call or text?
4 Steps to Take After a Scam Attempt
- For card related inquiries, call the phone number on the back of your credit or debit card
- If you receive a suspicious email or text that appears to be from Regions, you should forward it to [email protected] and then delete it. This helps our security team go after the scammers.
- If you receive a suspicious SMS or text requesting that you call Regions, you can verify the message by these numbers of origin: 30438 for personal credit cards, 39199 for business credits cards, or 42850 for Check Card, ATM Card, Now Card or HELOC Platinum Card. If you are a Regions customer, please add these numbers to your contacts. (If you use another bank, they’ll have similar procedures you can easily find online).
- When in doubt, hang up and contact your bank immediately.
This isn’t new ground. Regions has participated in the American Bankers Association’s #BanksNeverAskThat campaign the last few years, reminding customers what to watch for. Unfortunately, scammers are getting better, so we remain vigilant in helping you stay on top of current trends.
#BanksNeverAskThat: A Primer to Stay Safe
#BanksNeverAskThat: 4 Tips to Keep Your Account Safe
#BanksNeverAskThat: Protect Your Information
The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/STOPFRAUD or speak with your Banker for further information on how you can help prevent fraud.