| Threat actors continue to research their targets, impersonate trusted entities, and initiate communications through email, phone calls, and SMS text messaging to convince them to take action, such as divulging information or transferring funds. In bank impersonation scams, threat actors seek personal information, account numbers, passwords, and PINs. If threat actors gain access to bank accounts, they can update personal and financial information. Additionally, they can set up fictitious travel notices or memos to spend money outside the normal spending location and evade detection. Furthermore, threat actors will test accounts to see if they are being monitored. If threat actors perform a fraudulent transaction and the activity is not detected, they will perform additional transactions. Despite banks using Early Warning services to help fight bank fraud, bank impersonation scams are increasing. The Federal Trade Commission (FTC) revealed that bank impersonation was the top reported text message scam in 2022, and reports of this scam increased nearly twentyfold since 2019. The most popular choices of major banks used in impersonation scams included Bank of America, Wells Fargo, Chase, and Citibank. |
