How to Spot and Protect Yourself from Phantom Hacking Fraud

Most businesses like to give back to the community and donate funds to charitable causes that they stand for as an organization. While many requests are legitimate, there are scammers that will try to use deceptive charitable solicitation schemes. Before making any donations, be sure to research charities and the organizations in charge of running them.

A directory scam targets all types of businesses and organizations to trick them into paying for a listing or ad space in a non-existent directory, or in some cases a directory that exists but won’t be widely distributed and is of little to no value. The scammer will bill for the listing and not place the ad as agreed upon. It’s best to exercise caution and train employees to ask questions and do research on the directory if they receive any inquiries for purchasing ad space or listings.

An overpayment scam is when the person you are doing business with pays you for products or services, but pays you more than what was originally requested. The scammer will instruct you to keep the amount owed and to wire the balance back to them. Scammers may even tell you to keep a small stipend for yourself. In this type of scam, the funds will bounce (i.e., check is invalid or fund transfer will be reported as unauthorized) and you/your business will be responsible for repayment of the funds that bounced.

Scammers often send businesses fake invoices for things they never ordered or received, usually for common supplies. To avoid falling victim to this scam, carefully review all invoices before paying. Often, these fake invoices are for small amounts. Pay close attention to the fine print; it might reveal that the invoice is actually a solicitation, not a real bill.

A business email compromise, or email account compromise, is a scam where someone pretends to be a trusted source, like a vendor, and sends an email to someone who handles payments in a company. They might use a fake email address or hack into a real account to ask for payment information to be changed or for money to be sent for a seemingly valid reason. If the person falls for it, the money goes straight to the scammer’s account.

Lottery scams are when scammers contact an individual telling them that they’ve won a lottery or sweepstakes they never entered. They’ll contact their victims by phone, email, text, or social media and demand they pay ‘taxes’ or ‘fees’ to claim their prize, often asking for personal information like a social security number. Be on the lookout for any message that pressures you to act quickly, requires upfront payments with gift cards or cryptocurrency, contains spelling or grammar mistakes, or if the scammer refuses to show proof of the winnings.

Personal loan scams trick victims into giving up their Social Security number or paying fake fees without ever giving them a loan. Scammers might also try to steal online banking access by depositing fake checks and then demanding individuals to send the money back as a ‘loan security’ measure. Be on the lookout for any lender that contacts you directly guaranteeing approval regardless of your credit, offers vague loan terms, skips paperwork, pressures you to act fast, avoids credit checks, asks for your online banking details, or isn’t registered with the FTC. These are all signs of a loan scam.

Artificial intelligence (AI) scams build on the traditional methods scammers use to manipulate victims more quickly and efficiently. Using techniques like voice cloning, scammers can create convincing emotional scenarios to steal information, assets, or identities. As AI tools become more sophisticated, these types of scams are increasingly dangerous and harder to detect.

Investment scams often appear as easy money-making opportunities with vague details and promises of quick riches. You might encounter them through unsolicited messages on social media, online ads, or dating sites, and scammers often invite you to free events to learn ‘secret’ methods. Watch for these red flags: promises of high returns with no risk, unregistered investments, complex or secretive strategies, pressure to invest quickly, guarantees of future wealth, and claims of ‘secret’ investment methods.

Romance scams occur when fraudsters create fake profiles on social media or dating websites, pretending to be someone they are not. These scammers build trust with their victims over several weeks or months before asking for money. In their communications with victims, they usually have an unusual profession that makes communicating/traveling difficult, they ask to use your bank account to receive an inheritance, they claim to be in the military overseas, or they create false travel plans to visit you.

Phishing is a type of online scam usually in the form of an email where cybercriminals will trick individuals into revealing sensitive information by pretending to be someone they trust. These communications create a sense of urgency and trick recipients into clicking a malicious link or downloading an infected attachment to steal personal information like passwords, credit card numbers or bank account details.

Smishing is when fraudsters target individuals through text messages or short message service (SMS) to obtain personal information such as online banking login credentials, a credit card number, social security number, etc. These scammers will make it seem like they are from your bank, a government agency like the IRS or Social Security Administration, from a mailing service notifying you that your package couldn’t be delivered, or from a subscription service alerting you that it’s about to expire and you need to renew. These communications will create a sense of urgency and may contain a link that will download malware or lead victims to a malicious website.

Vishing is when a scammer tries to engage you via phone call impersonating your bank, government agency, tech support in an attempt to obtain your personal information (i.e., passwords, credit card numbers, social security numbers, etc.). During these phone calls, scammers will use fear tactics and create a sense of urgency.

If you have questions or would like more information, we’re happy to help. Complete and submit this form, and one of our specialists will contact you within 24 business hours. Do not include personal information such as your account number or social security number.