If you’re going to choose a day to avoid the internet, consider a Tuesday: That’s the day of the week when malicious online activity starts to peak, according to a recent report from the security firm eSentire.
In general, mid-week days are favored by hackers, who seem to keep regular business hours, as that’s when they’re most likely to trick people via work email. Tuesday, Wednesday and Thursday are the three worst days for attacks, per the report, ranging from attempts to install malicious code to information gathering, a process more commonly known as “phishing.”
How does phishing work, exactly? One canonical example is probably the “Nigerian prince” scam, where someone posing as royalty promises a fortune if you help them transfer money using your own bank. If you’re unfortunate enough to fall for the scam, the person on the other end can then use your banking information to empty your accounts.
Yet phishing scams have become more sophisticated, and hackers are getting better at making it look like their communications are coming from a person or company you know as opposed to strangers overseas. And tactics like phishing are also joined by smishing and vishing, which is when phishers use text (SMS) or voice phone calls.
Here are three of the scariest scams making the rounds right now — and how to spot and avoid falling for them.
1. Emails that look like they’re coming from your bank
It should come as little surprise that hackers have already tried to capitalize on the Equifax leak, which has left frantic consumers anxious about their personal information. One increasingly common tactic, according to a recent Washington Post report, is to send victims emails that look like they’re coming from the person’s bank or financial institution.
The idea is you’re more likely to fall for a trick email from your bank if you’re already paying closer attention to your credit information. Hundreds of such scams have circulated since August, the security company Barracuda Networks told the Post, with many of the emails appear to come from popular institutions like TD Bank and Bank of America.
These emails tend to look pretty legitimate, with logos and sometimes even a confidentiality agreement included at the bottom. One way to spot them is to pay close attention to any communication that asks you to download an attachment — since that’s not something a legitimate banking institution is typically going to ask for via email. When in doubt, call your bank first.
2. Emails that look like they’re from Netflix
This one’s arguably even sneakier: Another scam hitting people’s emails is one that appears to be from Netflix.
“We’re having some trouble with your current billing information” the fake email reads, according to a WGN TV report. “You may want to update your payment info.” You can see a draft of one version of the email that was captured and shared by a British designer on Twitter.
There are a few different versions of the scam, according to WGN’s report. In some cases, you’ll be asked to share your personal or billing information via email, which the company is never going to ask you to do. Luckily, there is a pretty simple way to spot this one — simply log into your Netflix account and see if you’re still active.
3. Calls or texts that look like they’re from someone you know
A final scam you might not be aware of? A privacy tool called SpoofCard has possibly become a favorite of hackers — it lets you choose any phone number you want and have it show up as your caller ID. SpoofCard can also disguise your voice, another feature that can have potentially unscrupulous uses.
In Hawaii, KOHN reported a scam in which perpetrators successfully made it look like they were calling from the Bank of Hawaii about a credit card offer. Victims were eventually asked to share their personal information and credit card numbers. Though it’s unclear exactly how the scammers pulled this off, it’s a reminder to beware giving away any personal information to someone who cold contacts you: Again, sensitive personal information is not something your financial institution will ask you to share over the phone.
It’s always a good idea to avoid answering calls from numbers you don’t recognize and to hang up — without saying anything — the second you think a phone call starts to seem suspicious. Some scammers actually record your voice and use it for fraudulent purposes if you speak: Hackers ask leading questions like “Can you hear me?” so they can record you answering “yes,” and then use the recording to authorize charges your bank flags as suspicious.
Finally, remember scammers may try to reach you via text message, aka smishing. Smishing is actually about seven times more common than phishing scams via email, according to a Yahoo! report. Here are some other scams to watch out for right now.
One sad but unfortunate reality? Financial fraud tends to spike when people are in dire straights. To that end, the government has reportedly deployed extra anti-fraud investors to Florida to help identify and stop scammers preying on victims of Hurricane Irma.
Sign up for the Payoff — your weekly crash course on how to live your best financial life.