tl;dr
A senior bank executive warns of a surge in scams enabled by credit agency breaches, as cybercriminals use stolen data to execute personalized fraud schemes that drain victims' accounts.
**Bank Executive Warns of Rising Scams Enabled by Credit Agency Hacks**
A senior executive at a U.S. bank has sounded the alarm about a surge in scams fueled by data breaches at credit reporting agencies, which are being exploited by cybercriminals to drain customers’ accounts. Chris Zampogna, senior vice president and security officer at Pennsylvania-based Mid Penn Bank, told NBC10 News in Philadelphia that the theft of personal information from the dark web is enabling fraudsters to commit devastating financial crimes.
Zampogna described how scammers are leveraging stolen data to target victims with highly personalized schemes. “Losses are astronomical because they’re wiping people’s accounts out, because you gave them the keys to the castle,” he said, emphasizing the severity of the threat.
The scam typically begins with a call that appears to originate from the victim’s bank. Scammers use details obtained from hacked credit reporting agencies to mimic legitimate institutions, often citing specific account information or recent transactions. “They say they’re with [your bank]. It’s all out there. This information is all out there. All the different credit reporting agencies over the years, many of them have been hacked,” Zampogna explained.
Once victims are convinced of the scammer’s authenticity, the fraudsters exploit their fear by claiming there is “suspicious activity” on their accounts. For example, they might allege unauthorized wire transfers and offer to “help” the victim resolve the issue. “You panic because you think, ‘I’m not sending a wire,’ and sure enough, they’ll say, ‘Well, let’s help. Let’s look into that to help you,’” Zampogna said.
The critical moment comes when scammers trick victims into disclosing their usernames, passwords, and Multi-Factor Authentication (MFA) codes. “Once they have that, with a couple clicks of a button, they can clean you out,” he warned.
The executive highlighted the vulnerability of customers who unknowingly share their credentials, stressing that the stolen data from credit agencies provides scammers with the tools to execute these attacks with alarming precision. He urged consumers to remain vigilant, particularly when receiving unsolicited calls or messages requesting sensitive information.
While the article does not outline specific solutions, Zampogna’s remarks underscore the growing threat posed by cybercrime and the importance of robust security measures. As credit reporting agencies continue to face breaches, experts warn that individuals must take proactive steps to protect their personal and financial data.
The incident serves as a stark reminder of the far-reaching consequences of data leaks and the need for both institutions and consumers to prioritize cybersecurity in an increasingly digital world.