By REBECCA RUTHERFORD
Los Alamos
For the Los Alamos Daily Post
The FBI is warning users to watch out for a fast-spreading scam that has already cost people more than $260 million this year. Yikes!
The scheme is simple and convincing, which is exactly why it is working- Scammers reach out by text, phone, or messaging apps and pretend to be someone you trust. They often pose as Apple Support, your bank, a delivery service, or even a government agency. Their goal is to get you to click a link or hand over personal information that lets them break into your accounts. This is known as ATO (Account Take-over) fraud.
What would you do if you got a text message or phone call from “Apple Support” claiming that your account had been compromised, and that if you didn’t click a link to confirm you would lose access? Hopefully, nothing! Chances are communications like this are pure fraud, designed to make you panic and steal your information. Once a scammer has access to your account you are in serious trouble, so make sure you don’t let them get to that point. Enable multi-factor authentication on everything you can and never give those codes out to anyone. Support will never ask for those codes.
Once they make contact, the fraudsters try to create a sense of urgency. They will say your Apple ID has been locked, that a package cannot be delivered, or that someone is trying to access your bank account. The moment you click the link, you are taken to a fake website designed to look exactly like the real thing. From there, they can steal your login credentials, financial information, or even load malware onto your phone.
If you get a message or phone call that seems urgent, says something is wrong with your Apple account, a package delivery, your bank account, etc. stop and think before you act.
The FBI says the best way to stay safe is to slow down. Do not tap any links in unexpected messages, even if they look official. Go directly to the company’s real website or app instead. If someone claims there is a problem with your account, contact the company on your own. Never share passwords, passcodes, or verification numbers with anyone who contacts you out of the blue. Apple and legitimate businesses do not ask for that information through text or random calls. Even an email notification should be questioned.
Rather than blindly clicking, go directly to their website, or call or contact them via verified means, not using any info from the suspect message. There is way too many scams out there to just click anything, always verify through the actual website or customer service number.
If you get a suspicious phone call, the best course of action is to be like me and don’t pick up! I send everything but known numbers straight to voicemail. Be wary of any unknown numbers, they are more than likely scammers. Even if it’s a “known” number like “Apple Services”, I wouldn’t pick up- phone numbers are super easy to spoof.
Remember, chances are that if there is a scam issue on your account, support is not going to call you to notify you. Most companies do not use phone calls to notify users of account issues.
If you receive a message or call about an “issue” on your account, always go directly to the company’s website to verify, disregard the message as it is likely a scam.
This is also a good time to check your phone and accounts. Make sure multi-factor authentication is turned on. Update your phone software. Review bank and credit card activity for anything that looks off. If you think you may have clicked a suspicious link or shared information, contact your bank right away and report the incident to the FBI’s Internet Crime Complaint Center.
Cybercriminals rely on panic and pressure; a few seconds of caution can make all the difference. Don’t be another victim, stop and think, and don’t click that link!
Editor’s note: Rebecca Rutherford works in information technology at Los Alamos National Laboratory.