When scammers can’t intimidate you through fear and bullying to hand over your account details, they often switch to a different tactic.
In a sneaky new campaign, scammers are sending messages to potential victims claiming that their bank account has been frozen due to suspicious transactions. The only way to unlock your assets? You must verify that you are the legitimate account owner.
But that is all part of the scam. Read on for details on this tricky scheme.
Here’s the backstory
Most people would panic when their bank informs them of suspicious or unauthorized transactions. They would do anything necessary to protect their finances.
But that is precisely the fear that scammers are hoping to inflict. According to BitDefender, a new scam targets Citibank users with an elaborate phishing campaign. Claiming that the potential victim’s account is frozen, a phishing email requests that they verify their account.
Around 80% of the phishing emails are directed towards U.S. citizens, while a small portion targets U.K. and Canada. The spoofed emails use the Citibank logo to instill authenticity. But don’t be fooled. These messages are fraudulent.
The links in the bogus emails to verify your account take you to an almost-perfect clone of the Citibank website. But once you enter your login details to verify your account, they’re captured by criminals. This gives them immediate access to your account.
What you can do about it
No phishing campaign is perfect, and there might be minor, tell-tale signs of a scam. The easiest way to spot potential criminal activity is to pay close attention to the wording, spelling, and grammar. If something seems weird, it’s better to ignore it.
Here are some other ways to avoid falling victim:
- Contact the company directly if you have a Citibank account and are worried about fraudulent activity. Don’t click the link found inside a text or email. Use contact information found on the back of your debit or credit card, or type the Citibank website directly into your browser.
- Don’t click on links and attachments that you receive in unsolicited emails.
- If the message gives you a sense of urgency, delete it.
- Spelling and grammar errors are big red flags.
- Use two-factor authentication and password managers for better security.
- Keep your operating systems, apps and devices updated with the latest official software and patches.
- Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!