ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

A New Twist on Bank Account Scams

Updated on March 4, 2018
Chuck profile image

A part-time college economics & finance instructor who began his career in banking, Chuck frequently writes on money & economics online.

Two of my more popular recent hubs have been I Just Won the Lottery in which I described receiving a $2,950 check for winning a lottery which I had never heard of, let alone entered and Money Laundering Jobs Aplenty in which I described the process by which scam artists are successfully recruiting honest citizens to unknowingly help them move their ill gotten gains abroad.

While both have been popular, the lottery one has attracted the most people, probably because that scam has been increasing lately and, as I considered doing, people are tempted to try to scam the scammer by cashing the check and ignoring the rest of the instructions. But that sounded too easy and, upon further investigation, I was able to discover how the scam worked and then wrote and published the lottery article on HubPages. Based upon the comments I have received to date, a number of people have received similar checks and, upon attempting to verify the legitimacy of the lottery on the Internet, have discovered my article and avoided losing their money.

Well, here is a new scam I encountered the other morning in my email. By now everyone should be on to the fake emails from their banks asking them to click on a link and verify their account information. The criminals running this scam have recently been doing a very good job of not only making the email itself very professional and authentic looking but have also made the forged bank web page that they take you to look real. Of course they ask you to sign in with your user name and password which immediately provides them with access to your account.

Well, this particular morning when I opened my email at work there was one from a local Credit Union asking me to answer a 5 question survey and, in exchange, they would credit my account with $20. It looked very professional right down to the Credit Union's exact logo with the registered trademark symbol next to it. Two warning flags went up in my mind immediately and they were first, I don't have an account with that institution and, second, even if I did have an account with them I never use my work email for personal business. The email was obviously generated from some general mailing list and they were just using a shotgun approach by randomly targeting people in the city where the credit union is located in hopes of reaching people with accounts there.

I was curious about both the survey and how long the page would last. Since I had just received the email, I suspected the scam was fresh. Based upon my experience in checking the money laundering scam, I knew that these web pages usually lasted 2 to 3 days before they were tracked down and knocked off the web. So I proceeded by clicking on the link for the survey. I was taken to another very professional looking page. The survey itself was short but the questions were believable. However, there were some warning flags. My first question was, Why Wasn't I taken to a page where I could login to my account? After all, I am supposed to have $20 credited to my account for taking this survey, but here I was being asked to take the survey from a regular web page with no way for them to know what account to credit the $20 to after I completed the survey. I had my answer, when I looked at the bottom of the page and saw that they were asking for my User name, password and PIN number for my bank account. They also asked for my name, debit card number, card expiration date, 3 digit ID from the back of the card and the PIN number for the debit card. All of this on an open and unsecure web site.

The link that I had clicked on was what looked like the credit union's real URL, however, the URL that appeared in the address line of the survey page was entirely different: http://sfs.nges.ylc.edu.tw/.survey/index.htm. Not only was this URL entirely different from the one that I had clicked on but the .tw that appeared just before the first backslash is the country code for Taiwan (see my Hub entitled Cyber Geography – Internet Country Codes Explained for an explanation of Internet country codes). After highlighting and deleting the /.survey/index.html portion of the address on my browser, I hit the Go button and found myself on a site written in Chinese.

From the time I first opened the email, there was no question that this was a scam. But it was a very good one and probably duped more than one person. However, the good news in this was that when I tested the link again before leaving work, it just returned an error message indicating that the site was unavailable. Going to the credit union's real site I saw that an announcement had been posted warning people about the scam. Previously, these fraudulent sites that I have checked remained operational for a day or two, but this one was out of business in a little over nine hours between the time I received the first email and when I checked the link at the end of the day. Obviously some customers had called about the survey, thereby alerting the credit union's security officials that something was amiss.

While people are catching on to these scams and security people at the affected companies are increasing the speed at which they discover and disable these fake websites, it is still the individual who ultimately makes the decision to either react with their emotions and greedily go after the promised quick cash or react with their minds by assuming that if it appears to be too good to be true it just might be too good to be true. This particular scam was a little trickier than usual since compensation for surveys is a very common and very legitimate practice on the Internet. However, the tip off here was their asking for account access information and debit card information. As a supposed customer of that financial institution, all they would have needed was the account number of the account I wanted them to post the $20 reward. They do not need my user name and password or my debit card pin in order to differentiate the account of one John Smith from that of another John Smith. This should have raised questions even if the target of the scam had never bothered to read any of the plentiful signs, warning notices, etc. that financial institutions, the police and various consumer education organizations constantly post informing people that financial institutions NEVER telephone or email people asking for this information.

If there is ever any doubt about the authenticity of any email from your financial institution that either asks you to click on a link and sign in to your account or to provide any information about your account all you have to do is either call your financial institution, using a phone number from the phone book or an account statement from the institution, again NEVER call the number on the email, or open a new browser window, type in the institution's log-in URL and sign in to the website. Once logged on to the legitimate site of your financial institution you should either see a notice announcing the promotion or whatever was announced in the email or a warning that the email was a fraud. If there is no mention of the promotion or email announcement, you can be fairly certain that the email is a fraud and a phone call or an email to the institution using the Contact Us link on the site is in order.

This is the email that I received at 7:12 in the morning.
This is the email that I received at 7:12 in the morning.
This is the top half of the page containing the survey.
This is the top half of the page containing the survey.
This is the bottom half of the survey page.
This is the bottom half of the survey page.
This is the page that came up when I removed the survey portion of the URL on the survey page.
This is the page that came up when I removed the survey portion of the URL on the survey page.

© 2007 Chuck Nugent

working

This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://corp.maven.io/privacy-policy

Show Details
Necessary
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
Features
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Marketing
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Statistics
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)