This is a screenshot of the actual web address we found the fake link pointing to. If you open this image up, you will notice that the URL is absolutely not Charles Schwab! But, the page itself looks similar enough that it is hard to fault someone who doesn’t notice.
After attempting to login, an error page appears that suggests the account has been accessed without authorization.
Our client called the number and the scammer on the other end apparently made some guesses that were correct and made it sound like he/she was the real Charles Schwab help desk.
The scammer told our client to stay off their computer for about an hour while they “fixed” the problem. A while later our client attempted to login to their account on their phone and saw that a large sum of money was missing. They were able to get in touch with the real Schwab support team and found that they had indeed been a victim of theft.
What can I do to help prevent this from happening to me?
- The best thing you can do to prevent this from happening to you is to be vigilant! It is hard to actually pay attention to what you are doing all the time with all of these required pop-ups like GDPR cookie notices, but we have to!
- Another thing that you can do is bookmark your pages rather than search for them. By bookmarking, you bypass much of the chance of getting hit by a fake link.
- Perhaps most important, never call or click the link of the error page! Always verify the number is correct before you call or click.
- Lastly, if you have been tricked by something, be sure you change your passwords!