Infosec Watchtower Logo

Protecting Yourself Against Financial Scams: Red Flags and Safety Measures

Charles M. Walls | March 17, 2024 | Views: 133

An image depicting a figure shielding themselves from various icons representing scams, such as phishing emails, fake URLs, and alarmist text.

In the digital age, financial scams are becoming increasingly sophisticated, but recognizing the warning signs can help keep your information and finances safe. Here's a guide based on a real-life example to help you spot and avoid these scams.

Screenshot of a text message from a scammer
Image: Screenshot of a text message from a scammer - Infosec Watchtower

Red Flag 1: Mismatched and Unusual URLs

Always check the URL carefully. In the scam attempt described, the text message received mentions a website (ccukycu-alert.online) that does not match the official URL of the Commonwealth Credit Union (ccuky.org). Official institutions often have secure, easily identifiable websites—typically ending in .org for organizations or .com for commercial entities—rather than .online. Be wary of URLs that deviate from established patterns.

Red Flag 2: Communications from Non-Official Email Addresses

Legitimate institutions will typically contact you via official email addresses that clearly contain their domain name. For example, in the provided example, the sender's email (commonwealthcu-alerts@meldedigital.com) doesn’t match the official Commonwealth Credit Union domain. This inconsistency is a telltale sign of a scam.

Red Flag 3: Vague and Unsolicited Messages

Scammers often send out vague, unsolicited messages claiming there's an issue with your account. They prey on the urgency and fear such a message instigates. A legitimate credit union or bank will provide specific information and often instruct you to contact them through official channels.

Red Flag 4: Lack of Personalization

Legitimate messages from financial institutions typically address you by name, not with generic salutations. Be suspicious of messages that do not address you directly.

Screenshot of a scam website(ccukycu-alert.online) impersonating Commonwealth Credit Union(ccuky.org)
Image: Screenshot of a scam website(ccukycu-alert.online) impersonating Commonwealth Credit Union(ccuky.org) - Infosec Watchtower

Red Flag 5: Request for Sensitive Information

Never enter sensitive information into a form linked from an email or text message. Scammers use these forms to harvest login credentials. Instead, go directly to the official website or contact the institution using verified contact information.

Red Flag 6: Sense of Urgency

Scammers often create a sense of urgency to panic the victim into acting without thinking. Any message that urges you to act immediately should be approached with caution.

Safety Measures

  • Use Two-Factor Authentication (2FA): Always enable 2FA on your accounts to add an additional layer of security.
  • Unique Passwords: Use unique passwords for each of your accounts to prevent cross-site hacking.
  • Educate Yourself: Familiarize yourself with the common tactics used by scammers to be better prepared.
  • Verify Contact: If you receive a suspicious message, contact the institution directly using verified contact information to confirm its legitimacy.
  • Report Scams: Help prevent scams from spreading by reporting them to relevant authorities or financial institutions.

By being vigilant and knowing what to look out for, you can protect yourself and your finances from the hands of scammers. Remember, if something seems off, it's always better to err on the side of caution and double-check using official channels.