Beware the live chat banking scam
If you shop online, chances are you’ve seen one of those “live chat” boxes appear when visiting your favourite store. These handy customer service tools let online businesses emulate some of that individualized attention we get at brick-and-mortar stores.
Unfortunately, they’re also the latest tactic for scammers phishing for your personal data when you bank online. Here’s how it works:
You visit your bank’s website. You’re knowledgeable about phishing scams, so you went directly to the website and are assured that what you’re using is secure.
Suddenly, your session freezes up. A chat window then pops up with a warning message. According various reports, it looks something like this:
“The system couldn’t identify your PC. You will be contacted by a representative of bank to confirm your personality. Please pass the process of additional verification otherwise your account will be locked.”
The grammar leaves a lot to be desired — but crooks are counting on you to be a little panicked and not paying close attention. You might see an additional message asking you to wait for a representative who will be with you shortly. You can’t access your accounts, and your anxiety is increasing.
A helpful “bank employee” will then appear and walk you through the verification process to unlock your account. You may be asked for your personal information such as your account number, password or user ID — the information scammers need to hack into your account or make a purchase elsewhere.
No, your bank’s website hasn’t been hacked. The culprit is some malicious code sitting on your computer — a reiteration of the Shylock malware that keeps security experts on their toes. (The malware gets its curious name from “The Merchant of Venice” — creative hackers are known to insert lines from the play into their code.) You think you’re talking to a bank representative, but instead you’re responding to an automated script that asks the right questions at the right time.
Online chat scams aren’t new, but the worst they used to do was send users to a phishing website. Now the phishing scheme comes directly to you via your internet browser. Crooks don’t need to worry about their fraudulent sites being shut down.
The scam has been around for a few months now — it was first identified by security service Trusteer back in February. So far it’s been limited to bank websites and targets business users, but experts worry that the strategy could be used in different contexts too. For example, there’s a related insurance scam recently making the rounds that uses the same tactic.
As outlined in a recent warning on Scambusters.org, in this version you’ll see a pop-up window offering to sell you insurance. The message seems to be legitimate because it cites your bank account balance — making it seem like your bank is part of the deal. Next, the scammers send you an new account number and ask you to transfer a significant sum to activate your new insurance. We’re sure you can guess where your money will actually go.
So far, there’s no evidence these scams have made it to Canada — but successful tactics can cross borders as easily as computer viruses. We may never come across these scams, but it doesn’t hurt to be ready.
How can you avoid these scams?
– Use antivirus software on your computer and keep it updated.
– Avoid clicking on suspicious links or downloading files from questionable sources. Unfortunately, experts warn Shylock can get around some anti-virus programs, so your best defence is to avoid downloading the malware in the first place.
– Don’t respond to respond to any live chat messages on your bank’s website. If your bank does use live chats on its website, experts say to proceed with caution — watch out for grammar mistakes and requests for personal information or cash. Your bank already knows your account numbers and you should never be asked for your password or PIN number
– If you come across a questionable chat service, log off the website and shut down your browser. You’ll want to take steps to have the virus removed from your computer.
– If you think your information has been compromised, call your bank immediately. Be aware that if you wired or transferred cash, there’s little chance it can be traced.
Sources: NBC12.com, Scambusters.org, Trusteer.com
READ MORE
Beware the ransomware scam
10 ways to stop the scammers
Why do people fall for scams?
Top phishing sites
Identity theft: What to do if you’re affected
'%3E %3Cg id='Group'%3E %3Cpath id='Vector_2' d='M12.4876 13.8996V13.4213H0.743091V15.2149H9.18805L9.22196 15.2685C9.19653 15.2272 3.24373 25.2836 0.74521 29.5469C0.420975 30.1015 0.0797856 30.7158 0.0797856 30.7158C0.0713089 30.7323 0.0585938 30.755 0.0585938 30.755H12.1401V28.9614H3.67181L3.6379 28.9078C3.37512 29.1222 12.4876 13.8996 12.4876 13.8996ZM36.1229 22.115C36.1229 26.4896 33.7537 29.18 31.1683 29.18C28.5829 29.18 26.1861 26.4896 26.1861 22.115C26.1861 17.7403 28.5553 15.0231 31.1683 15.0231C33.7812 15.0231 36.1229 17.7403 36.1229 22.115ZM22.0155 22.115C22.0155 26.4896 19.6462 29.18 17.0587 29.18C14.4712 29.18 12.0765 26.4896 12.0765 22.115C12.0765 17.7403 14.4458 15.0231 17.0587 15.0231C19.6717 15.0231 22.0155 17.7403 22.0155 22.115ZM38.223 22.0613C38.223 16.7095 35.0443 13.1492 31.1661 13.1492C27.288 13.1492 24.3402 16.4312 24.0987 21.4326C23.8592 16.4333 20.7842 13.1492 17.0587 13.1492C13.3332 13.1492 9.97427 16.7074 9.97427 22.0613C9.97427 27.4153 13.1785 31.0003 17.0587 31.0003C20.9389 31.0003 23.8592 27.7183 24.0987 22.6922C24.3402 27.7162 27.4406 31.0003 31.1661 31.0003C34.8917 31.0003 38.223 27.4421 38.223 22.0613ZM51.3747 30.755H53.5257L52.3178 13.4213H50.1668L45.797 27.3328L41.4273 13.4213H39.2763L38.0662 30.755H40.2172L41.0352 19.0247L44.7205 30.755H46.8714L50.5567 19.0247L51.3747 30.755ZM53.9453 30.755H62.3797V28.9614H56.0963V22.9293H60.964V21.1357H56.0963V15.2128H61.8859V13.4192H53.9453V30.7529V30.755ZM69.3624 18.2021C69.3624 20.1029 68.1333 21.1625 66.7367 21.1625H64.893V15.2128H66.7092C68.1333 15.2128 69.3624 16.3261 69.3624 18.2021ZM71.5134 18.1753C71.5134 15.2128 69.3348 13.4213 67.0164 13.4213H62.7993V30.755H64.893V22.9313H66.7092L71.5112 30.755H73.997L68.8601 22.4695C70.369 21.8717 71.5134 20.3502 71.5134 18.1773' fill='%23231F20'/%3E %3C/g%3E %3C/g%3E %3C/g%3E %3Cg id='Group_2'%3E %3Cpath id='Vector_3' d='M9.67285 8.56629V3.50513H12.6249V4.11535H10.5947V5.71719H12.2943V6.32742H10.5947V7.954H12.9046V8.56423H9.67285V8.56629Z' fill='%23231F20'/%3E %3Cpath id='Vector_4' d='M17.6819 8.6137H17.2581L15.1855 3.50513H16.1392L17.0822 5.86975C17.2178 6.20991 17.362 6.63872 17.4976 7.05103H17.5188C17.6544 6.64696 17.7879 6.2264 17.9341 5.86975L18.8666 3.50513H19.7482L17.6862 8.6137H17.6819Z' fill='%23231F20'/%3E %3Cpath id='Vector_5' d='M22.4072 8.56629V3.50513H25.3593V4.11535H23.3291V5.71719H25.0287V6.32742H23.3291V7.954H25.639V8.56423H22.4072V8.56629Z' fill='%23231F20'/%3E %3Cpath id='Vector_6' d='M31.6164 8.56629L29.9698 6.32123H29.2959V8.56629H28.374V3.50513H30.0948C30.9552 3.50513 31.805 4.01227 31.805 4.90906C31.805 5.54402 31.3896 5.97283 30.8725 6.16249L32.6654 8.56629H31.6185H31.6164ZM29.9592 4.10711H29.2959V5.71719H29.9592C30.436 5.71719 30.8704 5.43888 30.8704 4.90906C30.8704 4.37923 30.436 4.10711 29.9592 4.10711Z' fill='%23231F20'/%3E %3Cpath id='Vector_7' d='M37.5849 6.27382V8.56629H36.6737V6.28206L34.6943 3.50513H35.667L36.6503 4.90081C36.8156 5.13789 37.0021 5.38528 37.1378 5.59968H37.159C37.3031 5.39353 37.5001 5.11522 37.657 4.90081L38.6403 3.50513H39.5621L37.5828 6.27382H37.5849Z' fill='%23231F20'/%3E %3Cpath id='Vector_8' d='M44.3084 4.11535V8.56629H43.376V4.11535H41.7188V3.50513H45.9656V4.11535H44.3084Z' fill='%23231F20'/%3E %3Cpath id='Vector_9' d='M52.0484 8.56629V6.32948H49.499V8.56629H48.5771V3.50513H49.499V5.71926H52.0484V3.50513H52.9808V8.56629H52.0484Z' fill='%23231F20'/%3E %3Cpath id='Vector_10' d='M56.2129 8.56629V3.50513H57.1453V8.56629H56.2129Z' fill='%23231F20'/%3E %3Cpath id='Vector_11' d='M64.7402 8.64463L62.4091 6.17693C62.0467 5.79553 61.6208 5.31106 61.2796 4.91524L61.2584 4.92349C61.2796 5.3523 61.2902 5.7811 61.2902 6.13776V8.56629H60.3789V3.50513H61.0316L63.1868 5.82233C63.4878 6.14806 63.9222 6.63872 64.2337 7.00362L64.2549 6.99537C64.2337 6.62223 64.2231 6.17899 64.2231 5.83677V3.50513H65.1344V8.64669H64.7402V8.64463Z' fill='%23231F20'/%3E %3Cpath id='Vector_12' d='M70.9048 8.64416C69.4235 8.64416 68.0566 7.69172 68.0566 6.03421C68.0566 4.37671 69.4659 3.41602 70.8752 3.41602C71.5999 3.41602 72.17 3.57476 72.5324 3.78091L72.3883 4.42412C72.0471 4.21797 71.5491 4.05098 71.0002 4.05098C69.9639 4.05098 68.9912 4.77253 68.9912 6.04246C68.9912 7.31239 69.9448 8.01745 70.9599 8.01745C71.405 8.01745 71.7567 7.93911 71.975 7.7948V6.61352H70.8349V6.03421H72.8354V8.12877C72.3586 8.47718 71.7271 8.64416 70.9091 8.64416H70.9048Z' fill='%23231F20'/%3E %3C/g%3E %3Cpath id='Vector_13' d='M0.0839844 1.00212L73.997 1' stroke='%23231F20' stroke-width='1.25' stroke-miterlimit='10'/%3E %3Cpath id='Vector_14' d='M0.0839844 10.9116H73.997' stroke='%23231F20' stroke-width='1.25' stroke-miterlimit='10'/%3E %3Cpath id='Vector_15' d='M4.91016 4.15649L3.55812 4.13794L5.18777 5.7068L0 5.6532V6.5974L5.20049 6.651L3.61321 8.18068L4.96526 8.19718L7.0018 6.20157L4.91016 4.15649Z' fill='%23D71920'/%3E %3C/g%3E %3C/svg%3E)
