Imagine walking down the sidewalk and being confronted at gunpoint by a crook.
Open the payment app on your phone and transfer out your hard-earned cash, or take a bullet in the head.
That’s one phone cash ripoff scenario of many playing out in real-life America.
Other cash app crimes are happening due to the vulnerability of an unlocked iPhone without the new Stolen Device Protection turned on in iOS.
These are examples of how mobile payment apps can put your money and your life at risk.
Do you use mobile payment apps like Venmo, Zelle or Cash App to send and receive money? If so, you’re not alone. These peer-to-peer payment services now handle an estimated $1 trillion in payments.
And with that much money involved, there are also now a lot of fraud and scams going on, according to Alvin Bragg, the Manhattan district attorney. He says these apps are exposing many people to scammers and thieves and are costing them a lot of their hard-earned cash.
In response, Bragg has written letters to the companies that own these apps, demanding they improve their security and protect their users from scams and thefts.
His specific request is that they impose limits on transactions, require secondary verification of up to a day and better monitor unusual activity. He says he is requesting meetings with the companies to discuss these issues.
How an unlocked device can lead to financial disaster and personal harm
Bragg’s letters describe how these financial apps enable criminals to access unlocked devices and exploit them for financial gain and identity theft, saying,
“These crimes involve an unauthorized user gaining access to unlocked devices and then draining bank accounts of significant sums of money, making purchases with mobile financial applications, and using financial information from the applications to open new accounts.
“Offenders also take over the phone’s security by changing passwords, recovery accounts, and application settings. The ease with which offenders can collect five- and even six-figure windfalls in a matter of minutes is incentivizing a large number of individuals to commit these crimes, which are creating serious financial, and in some cases physical, harm to our residents.”
What are the mobile payment apps doing to prevent fraud?
The companies that own these apps have responded to Bragg’s comments and said that they are doing their best to provide a safe and reliable service to their customers. We reached out to all three companies. Here are their responses to us.
“PayPal and Venmo take the safety and security of our customers and their information very seriously. In addition to proactively leveraging sophisticated fraud detection tools, manual investigations, and partnering closely with law enforcement agencies to protect our customers against common scams, we have several options in place to enable enhanced layers of security and protection directly within our apps.” — PayPal and Venmo spokesperson
“Cash App continues to be committed to building trust with our customers and investing in areas that help build a safe and secure platform. We work proactively and diligently to safeguard our customer’s money and mitigate against the risk of fraud on our platform through a combination of preventative controls like multi-factor authentication, account transaction limits, fraud detection, and consumer education. We also partner with law enforcement agencies to detect and combat criminal activity.” — Cash App spokesperson
“We are aware of isolated criminal incidents described in the Manhattan District Attorney’s letter. Providing a safe and reliable service to consumers is the top priority of Early Warning Services, LLC, the network operator of Zelle®, and our 2,100 participating banks and credit unions. As a result of our continued efforts to build on Zelle’s strong foundation of security, less than one tenth of one percent of transactions are reported as fraud or scams, and that percentage keeps getting smaller. Our efforts include implementing industry-leading fraud and scam prevention measures for consumers like in-app safety notifications, and send limits and restrictions.” — Spokesperson for Early Warning Services, LLC, the network operator of Zelle
What’s the problem with mobile payment apps?
Bragg says that he is seeing a lot of cases where people have lost money or had their personal information stolen by using these apps. He said that this is happening because of the way these apps work on your phone or tablet. Here are three ways that crooks can cheat you or steal from you using these apps.
1) Phishing: This is when someone pretends to be someone else and sends you a message or email asking you to send money or give them your account details. For example, you might get a message from someone who says they are your friend, family member or a charity and they need your help urgently. Or you might get an email from someone who says they are your bank, the IRS or a mobile payment app and they need you to verify your account or update your information.
2) Spoofing: This is when someone creates a fake profile or account that looks like a real one and tries to fool you into sending money or accepting a payment. For example, you might get a payment request from someone who says they are selling something online, but their name, photo, or username is slightly different from the real seller. Or you might get a payment from someone who says they are a buyer, but they are actually using a fake check or a stolen credit card.
3) Device theft: This is when someone takes your phone or tablet and uses your mobile payment apps to take your money or make purchases without your permission. For example, someone might grab your phone while you are using it in public, or break into your car or home and take your device. Or someone might ask to use your phone for a legitimate reason, but then use it to access your mobile payment apps behind your back.
How can you protect yourself from mobile payment fraud?
Mobile payment apps have some security features to help protect you, but they are not enough, and you should not rely on them alone. You should also do these 10 things.
1) You should always access the payment app from the official app or website, and not from any third-party platforms or services.
2) Look at the security settings that the payment app offers and make sure they’re all set to the highest and most protective settings.
3) You should create a strong, unique, and complex password for each of your mobile payment apps and change it often. Consider using a password manager to generate and store complex passwords.
4) Enable two-factor authentication, which means that you need to enter a code or use your fingerprint or face to unlock your account to prevent unauthorized access. This way, even if someone knows your password, they can’t log in without your device or confirmation.
5) Lock your device and log out of your apps. You should always lock your phone with a password, PIN, pattern, fingerprint or face. Never share your password, PIN or security code with anyone. You should also log out of your mobile payment apps after each use and turn off the auto-login feature. This way, even if someone takes or borrows your device, they can’t access your mobile payment apps without your approval.
6) Verify the identity and legitimacy of the sender or receiver. You should always check the name, photo, username and contact information of the person or organization you are sending money to or receiving money from before accepting or sending any payment requests. You should also confirm the reason and amount of the transaction before you agree to it. If you are not sure or have any doubts, you should contact the person or organization directly through another way, such as a phone call, text message or email, but only if you know for sure that those forms of communication are legitimate. You should never send money or give your account details to anyone you don’t know or trust, or anyone who asks you to do so out of the blue.
7) Link your Venmo, Cash App and PayPal account to a credit card as opposed to a debit card, so you can dispute a charge from scammers more easily. Zelle does not allow credit card payments. However, keep in mind that linking a credit card to your payment app can provide additional protection in the event of fraud, but this can come with extra costs in terms of transaction fees.
8) Try not to keep a balance in your money-transferring apps. You have a much better chance of being helped by your bank or credit card company when it comes to fraud than you do from a money-transferring app.
9) Never click on links from unknown sources, especially when an email or text appears to have come from the payment App. Protect yourself from accidentally clicking malicious links by running antivirus software on your device. Get my picks for best antivirus software here.
10) Monitor your account activity and report any suspicious or unauthorized transactions. You should set up notifications from your payment app and your bank via text or email, and check your account activity regularly. Look for any signs of fraud, such as payments you didn’t make or receive, or changes to your account settings or information.
What to do if you believe you have been scammed on Zelle, Cash App or Venmo
1) If you notice any suspicious or unauthorized transactions, report them to the payment app as soon as possible. You can contact their customer support team or use the report feature on the app or website to report any scams, phishing attempts or unauthorized transactions. You can also block or unfriend any users who are involved in scams.
2) Second, if you used your bank account or credit card to fund the transaction, contact your bank or credit card issuer to report the fraud and dispute the charge.
3) The third step is to change your password immediately to prevent further unauthorized transactions. Consider using a password manager to generate and store complex passwords.
4) Also, if you believe you have been scammed, you can file a complaint with the Federal Trade Commission (FTC) to report the fraudulent activity.
5) If you feel your personal data has been stolen, and you want a service that will walk you through every step of the reporting and recovery process, one of the best things you can do to protect yourself from this type of fraud is to subscribe to an identity theft protection company.
This service will monitor personal information like your home title, Social Security Number (SSN), phone number and email address and alert you if it is being sold on the dark web or being used to open an account. It can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses. Get my review of best identity theft protection software here.
6) Lastly, always report the scammer. If you have any information about the scammer, such as their name, phone number or email address, report it to the app company and the authorities.
Kurt’s key takeaways
Mobile payment apps are convenient and useful, but they also come with some risks that you are now aware of. By following these tips, you can protect yourself from mobile payment fraud and enjoy the benefits of these apps safely and securely.
Do you think these payment apps are doing enough to protect you from scammers? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Source