Warding Off Credit Card Fraud Amid High Inflation
BECU shares the steps it is imparting to its members to help keep their information secure.
According to the Federal Reserve, total credit card debt and debt per U.S. household has grown by 8% since 2022. When paired with increased prices on everyday items and worsening inflation, consumers are relying on using credit cards more than ever and should be especially mindful of securing their finances against new, high-tech scams in order to avoid further compounding economic insecurity. While digital finance modes continue to offer better accessibility to consumers, it in turn offers more opportunity for cybercriminals to obtain sensitive information.
Consumers are constantly battling privacy concerns in the current landscape of digital transactions – whether that’s through computers and phones that can save passwords or credit card numbers, as well as more digital-only neo-banks popping up.
During this period of high-volume spending, we can impart a few steps to our credit union members to keep their information secure. First, it’s necessary for them to stay attentive to personal devices and public networks. Second, members should be encouraged to research how phishing happens, the common signs of it and what to do if they find themselves in such a situation. Lastly, if fraud has occurred, members should be armed with the proper steps to best protect themselves and their information by contacting their financial institution immediately.
Understand Phishing Scams
Maintaining vigilance over personal devices and internet networks containing sensitive information is the key to sustaining cybersecurity health. A holistic device view is important for our members in case a network becomes unsafe or a device is misplaced or stolen. Next, members should ensure they are keeping track of their financial institution’s standard communication practices across various channels, as scammers can emulate financial institutions based on traditional communication practices. Members should take note of the typical format their institution uses in case a scammer attempts to reach them under the guise of their financial institution. In general, members should reach out to a representative of the financial institution directly, versus attempting to verify any inbound communication from potentially suspicious sources.
Additionally, members should prioritize keeping their software up to date and maintain this as a piece of routine internet maintenance that should never be ignored. It often acts as a first line of defense to protect personal financial information. Updates often include security fixes that are crucial to safeguard against the influx of scammers and fraudsters. It is also important to secure home Wi-Fi connections with strong encryption (WPA3), a strong Wi-Fi password, and regularly updated router firmware while maintaining strong situational awareness and use of tools such as virtual private networks (VPNs) when in public spaces. For extra measures, members should not conduct transactions in public spaces, like a coffee shop. Scammers can view the information they put into a system and copy data like their bank card information, Social Security number, or passwords, depending on what details they are providing on a shared network.
Set Up Multi-Factor Authentication
The Federal Bureau of Investigation found that Americans lost $10.3 billion to internet scams in 2022 – reaching the highest losses in the last five years. While most phishing attacks happen via email or SMS messaging, a new threat has arrived. New scams and phishing attempts utilizing emerging technologies such as artificial intelligence to conduct frauds, synthetic voices and ultra-realistic impersonations are the harsh new reality for sophisticated attacks. The proliferation of AI is having a massive impact across a variety of sectors, including fraud, with cybercriminal activity expected to total $10.5 trillion by 2025, according to Cybersecurity Ventures – more than tripling over a decade.
It’s crucial for credit union members to enable additional privacy settings like two-factor authentication whenever possible – especially on sensitive accounts. Multifactor authentication requires more than one form of identification to log into the desired account. For example, members can consider using their fingerprints in addition to a complex password to log in to online banking with their financial institution. That way, even if someone does gain access to their password, they won’t be able to access the member’s account without that extra verification step. A perfect storm of sophisticated AI tools, along with readily available personal content on social media channels that can be used in highlighted targeted attacks, has led to the loss of $8.8 billion in what international regulatory bodies are terming “social engineering” scams. As these attacks continue to expand, members must remain cautious of unsolicited emails, messages or phone calls requesting personal or financial information – even if it appears to come from a trusted loved one.
What Members Should Do if They Are a Victim of Fraud
Lastly, credit union leadership should empower their members with appropriate next steps if fraud has occurred. It is essential for members to take both immediate and longer-term steps once fraud is detected, understand the urgency to file a report and work with their financial institution to address the situation. If a case of fraud does arise, it’s important that credit union leaders minimize feelings of shame or guilt that members may be feeling as a result, remembering that these are very sophisticated criminals operating in a professional manner. Last year, the FTC received 2.4 million claims of fraud across categories like investments and job openings. It’s critical for members to alert their financial institution right away if fraud is suspected, as there’s often a much better chance of mitigating damage if addressed quickly. If involved in a case of potential fraud, individuals should also maintain extensive documentation related to the communications, including copies of emails and other correspondence. Credit union members who fall victim to fraud should also consider the following:
- Change their passwords immediately, including for any accounts they don’t believe have been affected.
- File a police report – remember to be as specific as possible. List all of their compromised accounts and provide any supporting documents if they can.
- Consider a credit freeze, which gives members maximum control over who has access to their credit.
It’s also a best practice for credit union members to establish a regular system of credit monitoring by checking their accounts a few times a week and after large purchases to ensure the correct amount is coming out of accounts in order to assess for any suspicious patterns, remembering that there are consumer protections in place for fraudulent activity. In addition, credit unions should always provide their members with the option to talk with a trusted financial advisor to see if there are additional ways they can safeguard their personal information.
Cybersecurity in the age of AI may seem daunting, but by understanding how technology impacts fraud and what steps to take – both to prevent it as well as address it if needed – credit union members can feel confident about continuing to navigate their financial futures.
Sean Murphy is Chief Information Security Officer for the $29.1 billion, Tukwila, Wash.-based BECU.