Don’t Be an Easy Target This Holiday Season
• 8 min read
- Brief: Banking, Charitable Giving
Get the Latest Research & Insights
Sign up to receive an email summary of new articles posted to AMG Research & Insights.
Key Takeaways
- Fraudsters’ bag of tricks can involve unsolicited emails, texts, or phone calls.
- Some simple steps can go a long way toward protecting your financial information and accounts.
- Recognizing some commonly used scams such as phishing, look-alike websites, and package tracking alerts can help you defend against them.
- If your information is compromised, immediately alert your financial institutions, the major credit bureaus, and law enforcement.
BE CAUTIOUS: USE THE S-T-O-P METHOD
During this busy holiday shopping season, don’t let your guard down. While you’re juggling party planning and taking inventory of gift wrap, bad actors are seeking to exploit your distraction to gain access to your financial accounts.
Staying alert and being aware of common email and text scams can help keep your personal and financial information safe.
In general, pause and consider by using the STOP Method:
- Is this communication Suspicious?
- Is it Telling me to click?
- Is it Offering me something that sounds too good to be true?
- Is it Pushing me to act now?
When in doubt, don’t click. A best practice is to ignore provided links or phone numbers by independently searching for and visiting the purported sender’s website.
WHAT ARE SIGNS OF POTENTIAL FRAUD?
- Be suspicious of any unsolicited email, text, or phone call from individuals asking for personal data.
- Be leery of any form of communication that asks for “immediate attention” or sets an atmosphere of urgency.
- Watch for grammatical errors, typos, or unprofessional language in the body of an email.
- Before you click on a link, even from a trusted provider, hover your cursor over it to confirm that it is correct.
- Ideally, it should be a secure link, starting with https://
- Look out for slight misspellings in URLs, e.g., amgnationel.com instead of www.amgnational.com
- Watch out for URLs that end with .co instead of .com, e.g., amgnational.co instead of www.amgnational.com
- When in doubt, do not click on a link provided in an email or text. Do a separate search for the organization’s website or set a bookmark for a link that you know is correct.
- Be cautious about opening any attachments or downloading any files from emails you receive, regardless of who sent them.
- Keep track of online orders and their shipping status to make it easier to spot a fake delivery message.
- Don’t rely on official-looking logos or professional sounding language as proof of authenticity.
HERE’S HOW TO PROTECT ACCOUNTS
- Make sure that you create a unique, strong password for each website you visit, especially for banking and financial sites.
- If you have trouble remembering passwords, consider a passphrase using special characters or a password manager. Do not rely on sticky notes left on your desk or unprotected documents on your computer.
- Set up multi-factor authentication, which requires at least two forms of ID to log in.
- Regularly update your computer software so that it has the latest security patches and updates, especially web browsers.
- Review credit card and bank account statements regularly for unusual activity.
- If you receive a voicemail from an individual claiming to be from your bank, verify the callback number or use the phone number on the back of a credit/debit card to return the call. It’s best not to hit the redial button or call a number given.
- Take advantage of AMG’s credit and debit card SecurLOCK features, which enable cardholders to manage access to their accounts, including:
- Activate and deactivate their cards
- Enable or disable transaction types, e.g., allowing only in-store purchases versus online purchases
- Set alerts when transactions are made
- Set monetary thresholds for any transaction
COMMON SCAMS
1. Package delivery scams
According to the Federal Communications Commission (FCC), many delivery scams start with a text message or an email about a package being delivered to your address. These messages will include a “tracking link” or a callback number urging you to update information on a missed delivery or complete payment on an order.
If you click on the link or call the number, you will be exposed to fraudsters seeking to steal your personal or financial information, cajole you into sending money, or try to extort you after installing malware onto your device.
Do not click the link or rely on contact information provided by the sender. Go to the carrier’s website or use the retailer’s tracking tools to verify delivery information.
2. Phishing emails or texts from companies you regularly patronize
Phishing involves sending emails, text messages, or other forms of communication that masquerade as trusted companies or organizations.
During the holidays, cybercriminals will send emails or text messages claiming to be from companies like Amazon, Apple, or stores that you frequent. The message may offer special discounts or allege that your account has been hacked.
In a variation of this scheme known as a callback phishing email, cybercriminals send an email claiming that you have a pending charge on one of your accounts. If you call the number provided, the cybercriminal will guide you to connect with them through a remote monitoring and management tool.
These tools are often used by IT departments to remotely connect and control your device. Once the software has been installed, cybercriminals can use it to sneak ransomware onto your device. With ransomware installed, sensitive information can be used to extort you or your organization.
Always be dubious. Avoid clicking any links or calling phone numbers provided directly in an email. Do an independent search to reach a retailer’s website and contact details.
3. Fake charities
‘Tis the season of giving, and crooks are ready to take advantage of your generosity. Charity scams can take place online or even by phone. The Federal Trade Commission recommends you do your research before making a donation and also be mindful of how you pay.
Keep these fraudster tricks in mind:
- Pressuring you to donate right now
- Making vague and sentimental claims, but giving no specifics about how your donation will be used
- Guaranteeing sweepstakes winnings in exchange for a donation.
Charity Navigator and the Better Business Bureau’s Wise Giving Alliance are two organizations to help you research charities. Before donating to a GoFundMe or similar campaign, investigate the organizer.
4. Look-alike websites
Cybercriminals can purchase phishing kits from other bad actors that include pre-made phishing emails, web pages, malicious code, graphics, or worse.
For example, you could be sent an email with an official-looking header and company logo, along with realistic images in the body copy or footer. Any links in the email would direct you to a look-alike website.
What makes this especially pernicious is that each seemingly real step will increase the appearance of legitimacy.
Be wary of emails you don’t expect, especially any that include links. Hover over links before clicking and be on the lookout for incorrect logos or misspelled words.
Rather than using links or contact information in an email, go directly to the organization’s website.
5. Grandparent scams
This particularly devious holiday scam mainly targets senior citizens, but anyone who finds themselves alone during the holidays is susceptible.
The scam exploits the love and concern people have for family members and hypes up the sense of urgency.
Criminals will typically call, text, or email posing as a grandchild (or other family member) in trouble and ask for money through forms like a wire transfer or gift card. Scammers will have done enough research on your family to make the requests sound legit.
Watch for calls from unknown numbers coming in late at night when you are more likely to be caught off guard. That’s a good time to let it go to voicemail.
If you answer, don’t panic or let worry override caution. Call another family member to confirm the emergency.
Remember: AMG will never ask for your personal information
AMG and other financial institutions will NEVER ask for your account number, Social Security number, name, address, or password in an email, voicemail, or text message. Generally, a financial institution will only ask you to call them if there is a potential issue with your account. See AMG’s Security & Privacy Policy for further details.
STEPS TO TAKE IF COMPROMISED
- Contact your AMG advisor, or other financial institution, at once.
- Report the crime to your local police.
- Contact the three major credit bureaus (Equifax, Experian and TransUnion) to request a fraud alert on your account and to freeze your credit report. Dispute any fraudulent activity on your credit report.
- If you have unauthorized charges on any accounts, contact the fraud department of those companies, such as credit card issuers, cable or phone companies, and other lenders.
- For more information on identity theft, visit FTC Identity Theft.
STAY ALERT TO STAY SAFE
Again, at this time of year an ounce of prevention is worth a pound of cure. Stay alert and be suspicious of anyone telling you to take immediate action, offering you something that is too-good-to-be-true, or pushing you with emotional tactics.
Pause, consider, and keep your financial information safe.
One of the advantages of banking with AMG is the holistic way in which we know you, from your personal checking and savings accounts through to your investments and wealth transfer trusts. We help you secure accounts, integrate your wealth across accounts so that it can work harder for you, and simplify the number of relationships you need to manage.
Should you wish to consult with one of AMG’s seasoned private client bankers or wealth advisors, contact us: 800-999-2190 or info@amgnational.com.
This information is for general information use only. It is not tailored to any specific situation, is not intended to be investment, tax, financial, legal, or other advice and should not be relied on as such. AMG’s opinions are subject to change without notice, and this report may not be updated to reflect changes in opinion. Forecasts, estimates, and certain other information contained herein are based on proprietary research and should not be considered investment advice or a recommendation to buy, sell or hold any particular security, strategy, or investment product.
Get the latest in Research & Insights
Sign up to receive a weekly email summary of new articles posted to AMG Research & Insights.