A First Foundation Blog

Watch Out for the “Pay Yourself" Scam

| 10/6/22 12:24 PM

Recently, scammers are utilizing a popular online payment platform called Zelle to steal your money. The scam is a form of a phishing attack where the scammer pretends to be a bank representative alerting you of a fraudulent activity on your account. The scammer offers to stop the fraudulent activity by asking you to send yourself money with Zelle. By utilizing scare tactics and a sense of urgency, scammers get unsuspecting victims to act fast which is exactly what they want you to do.

How The “Pay Yourself” Scam Works

  • You receive a text message that looks like a fraud alert from our bank. The text message may look like this: “Fraud Alert: Did you approve a transaction of $1000?”
  • If you respond to the alert, you’ll receive a call from a number that appears to be our bank but it’s the scammer calling.
  • The scammer pretends to be our bank representative and offers to stop the fraudulent activity by asking you to send money to yourself with Zelle.
  • When you enroll to Zelle with your cellphone, you will receive a one-time passcode from our bank.
  • The scammer will ask you for that one-time passcode that you just received, lying that they need the passcode to authorize the payment to yourself.
  • Once you give them the code, the scammers will use it to enroll their bank account with Zelle using your email and phone number.
  • The money that you thought you were sending to yourself is sent directly to the scammer’s bank account. 

Remember, we will NEVER ask you to send money to yourself or anyone else. That’s a red flag! You can avoid becoming a victim of these kind of scams by following best practices.

Best Practices to Combat Attacks

  • Never share account numbers, PINs, passwords or any personal information with anyone. 
  • If you receive alerts for fraudulent activity, contact us directly with the number listed on your bank issued credit or debit card or visit our official website.
  • Don’t click on links in text messages or emails from people you don’t know. 
  • Don’t call the number in a text, email or voicemail which could connect you directly to the scammer.

Understanding the red flags of an attack is important in protecting your assets. Be suspicious and scrutinize any messages you receive. Stay safe!

Yui Tamaki, Security Analyst
About the Author
Yui Tamaki, Security Analyst