There are many ways to make sure that your finances are in good health, as the new year gets underway. One of them—knowing how to spot a scam—is often ignored. The result is that many people are swindled out of their hard-earned savings every year. While 2015 was a year of many familiar scams, 2016 promises new scams as thieves take advantage of election fever, technological trends, and an inadvertent helping hand from the government.
To help you become more knowledgeable about these new scams, we asked David Dewey, director of research at Pindrop Security, a firm that provides anti-fraud detection technology for call centers and phone users, to tell us about the latest trends in identity theft and phone fraud. Here’s what you need to watch out for in 2016:
Uncle Sam Impersonators
2015 was the year of the IRS scam: Scammers impersonating the IRS and intimidating consumers into paying penalties for “back taxes” accounted for nearly a quarter of all scams reported to the Better Business Bureau. Expect worse in 2016.
Buried in the Congressional budget bill was a provision allowing debt collectors to use robocall technology to pursue anyone owing government debt—think overdue student loans and Freddie Mac and Fannie Mae mortgages.
Until now, consumers were advised—correctly—that the government would never initiate contact by phone, and just this past June the Federal Communications Commission strengthened protections against debt collectors calling a cellphone to dun late-paying loan holders. In 2016, that will no longer be true—and new scams will likely take advantage of this.
“We expect to see a spike in scammers targeting overdue student loans, Freddie Mac and Fannie Mae mortgage debt—things other than just taxes,” warns Dewey.
Tip: Don’t trust the number that shows up on your caller ID. “If someone calls to collect money, tell the caller you want to conduct the transaction in person and that you will come to his office,” says Dewey. “That almost always shuts down a scammer. If he's legitimate, he’ll give you an address.”
Amid the onslaught of political phone spam consumers can expect this election year are new scams that Pindrop’s researchers have never seen before.
The basic scam starts with scammers spoofing a candidate’s phone number so that the call seems to come from campaign headquarters and inviting you to join a virtual “town hall” meeting with the candidate. The meeting sounds legitimate because the scammers have either patched together portions of previous town halls or use a talented voice actor to imitate the candidate. At a certain point, the call is interrupted and you’re asked to press #1 to make a donation. By this time, your emotions are involved and you think, “Yes! I want to support my candidate!” So you give out your credit card number. Not only have you handed over money to an unknown entity, you have opened the door to identity theft.
Tip: Never donate to a political campaign during an unsolicited phone call. “You don’t know whom you’re donating to,” warns Dewey. “There is no way to authenticate the person who’s on the call.”
Last year’s data hacks at extra-marital matchmaker Ashley Madison and toymaker VTech proved that scammers are after more than your credit card number. Instead, they glean personal information to build detailed profiles that can be used for sophisticated forms of identity theft that may not be immediately obvious.
“The [hacked] information is not directly financially related, but becomes a stepping stone to a financial motivator,” says Dewey.
For example, scammers could exploit the VTech data breach, which compromised the profiles of 6.4 million kids around the world, to hack identities for years. Because kids have no credit history and their parents generally don’t check their credit reports regularly, the theft might not be noticed until the kids grow up and apply for a credit card or financial aid for college.
Tip: This type of data breach could affect you even if your tastes don’t run to toys or hanky-panky. Dewey points out that the healthcare industry is a rich target for new scams, as are popular “sharing economy” sites, such as Uber and AirBnB. Stay tuned—and stay alert.
Mobile Wallet Pickpockets
Scammers thwarted by the added protection of chip-embedded credit cards have a promising alternative: mobile wallets. Thieves increasingly tap funds by tapping into the accounts of others through Apple Pay, Google Wallet, Samsung Pay, Android Pay, PayPal, and others.
Dewey put the security of mobile wallets to a little test: First, he secretly copied credit card numbers and expiration dates from a few colleagues at Pindrop. A little Google investigating revealed the answers to “secure” identification questions (such as a colleague's mother’s maiden name) needed to activate the colleague’s card under Dewey’s mobile wallet account. Within minutes, Dewey had strolled over to Whole Foods and bought lunch for the office—paid for by his unwitting colleague. (The colleague was reimbursed.)
“It’s amazing how easy it was to add somebody else’s credit card info to my Apple Pay account,” Dewey recalls.
Tip: There will be new scams that will find new loopholes and workarounds to take advantage of new technologies. Check your credit card statements carefully for unexpected charges.