Identifying and Avoiding Fraudulent Pop-Ups
A growing issue within the financial services industry is the use of pop-up messages by criminals to perpetrate fraudulent schemes in an effort to access your personal information, assets, and potentially steal your identity.
Pop-ups are a tactic used in technology scams in which victims are contacted by what appears to be a technology support team to fix a fabricated issue or virus on their computer. These scams can include notifications such as pop-up alerts along with phone calls, text messages, and emails that appear to be from financial institutions contacting you about a security issue, such as account access or activity. Spotting these tactics will help you avoid falling for fraudulent pop-ups.
Pop-up Warnings
Scammers may try to lure you with a pop-up window that appears on your computer screen or at a login page. It might look like an error message from your operating system or antivirus software, and it might use logos from trusted companies or websites. The message in the window warns of a security issue on your computer and tells you to call a phone number to get help. Pop-up scammers will then often ask you to pay for tech support or other services with a gift card, cash-reload card, or wire transfer. Remember that no legitimate company will ask for payment that way. Pop-up scammers also try to get their links to show up in online search results or run their own ads online that may include a phone number. The scammers are hoping you’ll call the phone number to get help. They may also call you and pretend to be a support technician from a well-known company to say they’ve found a problem with your computer and will often ask you to give them remote access to your computer.
Pop-up Scam Example:
A bank client Googled the company’s name and clicked on a phishing link inside a pop-up message that instructed him to call a phone number for “Bank Security.” He called the number and a fraudster identified himself as a Bank Fraud Representative and explained to the client that he needed to enter his credentials so he could gain access to his computer to “prevent fraud.” The computer screen went black after the client granted access during which two fraudulent wires were requested to two different banks. When the client noticed the wire transfers he hung up and called the bank to freeze the account.
Listen to an FTC undercover call with a tech support scammer
How to Avoid Tech Scams
- Understand that, even if you have antivirus programs installed on your computer, it’s possible to encounter fraudulent pop-up messages on some websites.
- In general, distrust pop-up messages on websites—especially if they claim to have found issues with your computer (a legitimate IT support group will not use pop-up messages to alert you to issues).
- Never give anyone remote access to your computer unless you know who they are and trust them.
- Use antivirus software to regularly scan your computer for malware, and run a scan immediately after getting a suspected scam pop-up.
- Keep your security software, browser and operating system up to date, and consider using your browser’s pop-up blocker.
- Don’t rely on caller ID to determine if a caller is trustworthy as scammers use "spoofing" techniques to make it look like they’re calling from a legitimate number.
- If you’re ever in doubt about the legitimacy of a message you’ve seen, contact that company directly (i.e., look up their actual number from a trusted or bookmarked website instead of calling the number given in the message).
As a reminder, Schwab will never request any personal information via email or text and will never ask you to initiate any transaction or gain access to your computer so that we can initiate a transaction. For additional information read our guides for tips on avoiding scams and phishing attacks. If you have any questions, please contact your Financial Consultant or call us at 800-435-4000. If you’re outside the U.S., please call +1-415-667-8400.