Connect ► twitter| youtube|  Log In ► Members Only  |  Corporate One Safekeeping  |  Search

BSA/AML Hot Topics: Increasing tech support scams victimize seniors

It's that time of year again! Register now for our annual BSA/AML/OFAC live and on-demand compliance training webinar series

Join ProBank's Mark Dever for two convenient and cost-effective trainings that meet the FFIEC’s guidelines expected for BSA/AML officers and compliance professionals.

BSA Essentials

Our one-day, three-hour annual compliance webinar will discuss all the essentials, such as: Member Due Diligence, Suspicious Activity Reporting, Office of Foreign Assets Control, and more.

May 13
1:00 p.m. - 4:00 p.m. ET


Train and remain BSA/OFAC compliant

Geared toward the more seasoned BSA/AML professional, we’ll get you up to speed on the most current industry news and information in just one hour.

October 28
1:00 p.m. – 2:00 p.m. ET

By Naomi Glass, AVP, BSA/AML Compliance Officer

During the pandemic, people of all ages have been doing more online – working, taking classes, connecting with friends and family, shopping, and binge-watching Netflix. So, if something goes wrong with your computer, you want to fix it right away. Scammers are preying on this, offering phony tech support services as a ploy to steal your money.

Corporate One has seen a recent spike in tech support scams involving members who are seniors. Within the past six months alone, 15 members of 11 credit unions across the country have been victimized by the scheme. Their losses have amounted to over $390,000!

Although there are several variations of the scam, one of the more common ones involves tech support refunds. Here’s how it works:

  • Essentially, an individual is contacted by criminals who falsely claim that they are representatives from an antivirus software company. The “representative” tells the individual that their computer contains a virus and has been hacked, and, as a result, they will be issued a refund.
  • The criminals get the individual to grant them remote access to their computer, as well as access to their credit union’s online banking system. At that point, the criminals will transfer money from the individual’s savings or credit card account to their own checking account without them realizing this.
  • The “representative” then tells the individual that a refund has been issued and the funds deposited directly into their checking account. The “representative” then claims that they accidently deposited too much money. The individual is told to wire the extra funds back to the antivirus software company and are often threatened if they do not comply immediately.
  • The individual is given instructions to wire the difference in funds to a random person in Thailand or Hong Kong and to tell the credit union, if asked, that they are wiring funds for reasons such as sending money to a friend, purchasing property, or making an investment. It is not until the funds are gone that the individual realizes that they sent their own money and have been defrauded.

Protecting members from becoming victims

Unfortunately, there isn’t a lot credit unions can do to prevent their members from becoming victims of this scheme. This is because typically, a credit union has no knowledge that the fraud occurred until after their member contacts them in an urgent effort to get their money back.

The most effective way for credit unions to protect their members from becoming victims is by interdicting the wire transfer before it is sent out. This is crucial because members have been known to send wires ranging anywhere from $7,000 to a staggering $60,000.

Credit union staff should be trained to spot red flags indicative of tech support scams and be prepared to ask their member some clarifying questions if they suspect there is something amiss. Questions may include asking whether anyone was threatening them or telling them to say certain things concerning the wire. Staff should also educate the member that there are scams out there, and they could be taken advantage of.

Credit unions that become aware of the fraudulent wire activity after the fact should take the following steps:

  • Attempt to recall the wire sent by the member. Meanwhile, set realistic expectations that most victims never get their money back.
  • Advise the member to report the fraud to the authorities. Members can do so by filing a police report, submitting a complaint to the FBI through their Internet Crime Complaint Center, and reporting the scam to the Federal Trade Commission.
  • File a suspicious activity report with the Financial Crimes Enforcement Network (FinCEN) if the dollar amount of the fraudulent activity meets reporting thresholds.

Ultimately, criminals have been able to cash in as more people, particularly seniors, are spending much more time in the digital world than they ever did before due to the pandemic. Although the pandemic will eventually go away, the rise in tech support scams is here to stay.