NASB is again proud to partner with the American Bankers Association (ABA) in October to create a unique campaign called #BanksNeverAskThat to coincide with National Cybersecurity Awareness Month. The campaign helps bank customers spot phishing scams by reminding them that “banks never ask” for things like clicking on a link to give their password, verifying a PIN, or having them call because their card has been deactivated.
One relatively new phishing technique is incorporating artificial intelligence (AI) into scams.
AI refers to computers or computer-controlled machines that can simulate human intelligence in various ways. AI is all around us, and its applications and usage will continue to grow.
Scammers see AI technology as a gold mine for phishing opportunities. It used to be easy to spot a phishing email from its brevity and grammatical mistakes. But now, ChatGPT understands around 20 languages, which cybercriminals use to create more in-depth, grammatically correct emails.
Regular phishing attacks prioritize quantity over quality, with the poor quality of the message catchable by most spam filters and individuals. But now, these ChatGPT-written emails are better written and aren't as easily detected as spam.
Spear phishing is much harder to detect, as emails target specific people from known and trusted sources. When combined with AI technology, spear phishing yields shocking results.
Scammers who acquire breached data from hacked websites can use AI to organize it into highly coordinated phishing attacks. For example, a scammer might find out which hospital you may have recently visited and send an email claiming to be from the billing department. This may trick you into handing over credit card information or sensitive material. AI allows scammers to interact with individuals on a much larger scale, increasing their chance of success.
It won’t be too long before spear phishing attacks resemble targeted ads. You might be researching your favorite football team, and suddenly, scam ads pop up for phony game tickets. Real-time targeted spear phishing capabilities aren’t here yet, but it won’t be long.
If you think you may be a victim of a phishing scam:
- Contact your bank, financial institutions, and creditors
- Speak with the fraud department and explain that someone has stolen your identity.
- Request to close or freeze any accounts that may have been tampered with or fraudulently established.
- Make sure to change your online login credentials, passwords, and PINs.
- Secure your email and other communication accounts
- Many people reuse passwords, and your email or cell phone account may also be compromised.
- Immediately change your accounts’ passwords and implement multi-factor authentication — a setting that prevents cybercriminals from accessing your accounts, even if they know your password — if you haven’t already done so.
- Check your credit reports and place a fraud alert on them
- Get a free copy of your credit report from annualcreditreport.com or call 877.322.8228.
- Review your credit report to ensure unauthorized accounts are not opened in your name.
- Report any fraudulent accounts to the appropriate financial institutions.
- Contact one of the three credit bureaus to place a fraud alert on your credit. That company must tell the other two.
– Experian: 888.397.3742 or experian.com
– TransUnion: 800.680.7289 or transunion.com
– Equifax: 888.766.0008 or equifax.com - Contact ChexSystems at 888.478.6536 to place a security alert on the compromised checking and savings accounts when a deposit account has been impacted.
- Contact the Federal Trade Commission to report an ID theft incident: visit ftc.gov/idtheft or call 877.438.4338.
- File a report with your local law enforcement.
- Get a copy of the report to submit to creditors and others who may require proof of the crime.
NASB is proud to partner with ABA to help ensure banking customers do not become victims of phishing fraud. Please click here for more ways to protect yourself.