Sick of scam warnings yet? So are we. But in a world where scams are just a call, text, or click away, we need to speak up.
Cybercriminals are using tactics like spoofed phone numbers and fake links in texts and emails to trick people into giving away personal information—or even money. Here’s what we’re seeing in the banking world:
Phone Number Spoofing
Spoofing is when a scammer disguises their real phone number to make it look like it’s coming from a trusted source—like your bank, a government agency, or even a local number. The goal? To earn your trust and prompt you to answer or call back.
What are spoofing scenarios our customers have recently encountered?
Someone claiming to be from “Horicon Bank” calls and asks:
- a business to verify ACH payment information
- an organization to click on a link and sign up for mobile deposit
- an individual to verify a “suspicious” transaction and asks for account details
Tip: Just because a number looks familiar doesn’t mean it’s legitimate. Never give out personal or financial information over the phone unless you initiated the call using a verified number. Banks will rarely ask for your account number, PIN, or password during a phone call — and will never ask for a one-time login code. Never share such confidential details unless you’ve verified you know exactly who you are talking to.
Phishing Texts and Emails
Phishing is a method used by scammers to trick you into clicking malicious links or providing personal information, often by pretending to be a legitimate organization.
Red flags include:
- Texts or emails claiming “Your account is locked—click here to unlock it.”
- Urgent messages that say you must act now or face consequences.
- Links that look almost—but not quite—like real company URLs.
These messages often contain links that lead to fake websites designed to steal your login credentials, credit card numbers, or other sensitive data.
Tip: Hover over links (on computers) or press and hold (on phones) to preview the URL before clicking. If it looks suspicious, don’t click it.
So what are ways to protect against spoofing phone calls and phishing text?
- Don’t answer unknown calls. Let them go to voicemail.
- Never click links in unsolicited messages. Go directly to the company’s website or call a verified customer service number.
- Use multi-factor authentication (MFA) wherever possible—it adds a layer of protection even if your password is compromised.
- Report suspicious activity.
- Educate others. Talk to your family, coworkers and friends about these common tactics.
Scammers are crafty—but you can outsmart them by staying informed and cautious. When in doubt, pause, verify, and trust your instincts. Stay alert, stay secure!