Tag Archives: Zelle

Zelle Fraud – A New Twist on an Old Scam

Zelle is a peer-to-peer payment network similar to Venmo and others. The difference is that Zelle is owned by the big banks like Bank of America, Capital One, Chase, Wells Fargo and others.

But recently Zelle has been in the news and not for good reasons. Scammers have figured out that they can socially engineer many people and once the money is out of your account, it is hard to get back (more on this later).

How can you protect yourself against Zelle scams? Remember those scams that asked you to buy iTunes gift cards, scratch off the cover and send the scammers the numbers? This is not much different.

Don’t use Zelle to send money to people you don’t know. If the scammer tries to convince that things are super urgent, take a deep breath. If someone calls you and the caller ID says it is your bank but they want you to send them money with Zelle, it is, 100 percent, a scam. Hang up. Credit: Channel 3000

Some other tips – and this is no different than any other scam:

  • Don’t respond to unsolicited text or emails
  • Watch for urgent deadlines
  • Always use two factor authentication and never give out your code

The banks have been reluctant to reimburse you for Zelle scams since you did initiate the transaction, but talk to your bank and, if they give you a hard time, talk to your local TV station. Banks love the press saying they have horrible customer service and don’t care about their customers.

But here is the most important thing to “suggest” to your bank. Ask them to look at the Consumer Financial Protection Bureau’s position on banks’ compliance requirements with the Electronic Funds Transfer Act of 1978 known as Reg E. Basically, the feds say, that the banks have to give you bank your money. You may need an attorney to get their attention, but the rules are clear. Credit: CNET

But just to make sure that the banks understand the plan, two US Senators sent a letter to Zelle’s owner, Early Warning Services (which itself is owned by the banks), asking it to explain how it is handling fraud. The outcome of this, likely hearings and either more regulations or laws, means that the banks need to clean up their act before it is forced on them. The banks do not have a popular position in this situation and they will lose in the court of public opinion. Credit: Finextra

Security News for the Week Ending November 26, 2021

Tesla Locks Owners Out of Cars – On Accident

Hundreds of Tesla owners got locked out of their cars when a server that powers the Tesla app crashed due to load. Apparently those owners forgot there is such a thing as a car key. The outage lasted about 5 hours and Elon Musk later tweeted that they would work to avoid this in the future. This doesn’t happen often; just a reminder that no tech is perfect. Credit: The Guardian

The Zelle Fraud Scam – Don’t Fall Victim

The Zelle fraud scam starts with a fake text message that asks if you made a Zelle payment in the amount of $X. If you respond to the text with anything, you will get a call from the scammer pretending to be your bank. The scammer asks for your online banking USER NAME (not password) and the hacker then does a password reset, asking you for the PIN that your bank sends to do the password reset. And then empties your bank account. For more details, see the Brian Krebs account of the attack.

Microsoft Says Attackers Don’t Bother to Brute Force Long Passwords

A Microsoft engineer analyzed over 25 million password attempts against a honeypot of SSH servers and discovered that 77% of the attempts to brute force a password used passwords of 7 characters or less and only 6% used passwords of over 10 characters. Also, only 7% of the attempts used a special character. This gives users some parameters for constructing passwords. Credit: The Record

US Sanctions 28 Quantum Computing Companies in China, Russia, Pakistan and Japan

The US continues to work on protecting our technology from foreign bad actors. The Commerce Department added 28 companies in multiple countries as a risk to the US. These sanctions prohibit US companies from dealing with these organizations. Given that quantum computing is a strategic technology for everyone, we do not want to accidentally be helping the bad guys. For a list of these companies, check out this article.

Israel Bans Sales of Hacking Tools to 65 Countries

In the wake of all of the negative press that Israeli hacking tools company NSO Group is getting, including being banned in the US, Israel reduced the list of countries that companies like NSO can sell to from 102 to just 37 countries. See the list here.

India to Ban Almost All Private Crypocurrencies

India is about to ban almost all private cryptocurrencies. A new bill will create a framework for an official digital currency, to be issued by the Reserve Bank of India. Included in the ban would be Bitcoin and Ethereum. Effectively, if this bill becomes law non-fiat cryptocurrency would cease to exist in one of the world’s most populous countries. Credit: Euronews