Building A Digital Defense Against Fake Bills
Agggh – you just opened your email and find what looks to be a receipt for a purchase from a really big, reputable company. The company is so big and well known you’ve probably purchased items from it before. The receipt shows the charge isn’t that high – maybe less than $30 or $40. But it is high enough that you are annoyed and angry. You are convinced that someone hacked your account and purchased that stupid video game using your money.
Conveniently enough, there is a button at the bottom of the receipt for you to dispute the transaction. You are so peeved about the whole thing, you click on that button without even thinking.
It's a simple form – you just list your personal info, including your name, address, bank account routing number and maybe your account number for that big, reputable company. Bonus points if you list your Social Security number.
Of course, the charge is a fake – no one bought a video game using your hard earned money. What is real is how fast the bad guy can drain your bank account with all of that personally identifiable information – or PII – that you just handed over.
Here’s how to protect yourself:
- If you get a receipt for an item that you didn’t buy, check your bank account and credit cards to confirm whether there really was a charge that went through.
- Look for legitimate contact options on the vendor’s public webpage. Use that info – not what is in the email or on the receipt – to contact the vendor to confirm whether there was activity in your account.
- Never click on links in emails, especially unsolicited emails.
If you have been victimized by an online scam, report your suspicious contacts to the FBI. You can file an online report at the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your FBI local office.