Fraudsters have taken to mobile banking’s Zelle app to drain people’s bank accounts, according to NBC News.
Using social engineering, the criminals called victims from an 800 number that appeared to be their bank’s fraud department, NBC reported. “All banking-related websites and apps are vulnerable to scammers. But experts say Zelle is a particularly appealing target because, unlike other peer-to-peer payment apps like Venmo, it's embedded within banking apps and automatically connected to user accounts.”
This isn’t the first time that users have reported problems with the peer-to-peer money sharing service. In May of 2018, ABC news reported that consumers in the San Francisco Bay area had issues with funds being deposited into the wrong account. In many cases, individuals were not able to retrieve those funds.
"As more financial interactions are becoming real-time they create new vulnerabilities for fraudsters to abuse, and naturally the closer they are to larger sources of money (especially bank accounts) the more attractive they become,” said Michael Reitblat, CEO and co-founder of Forter. “It's important to understand that two-factor authentication isn't a silver bullet for fraud prevention. With very little social engineering, or simply using other authentication processes built into devices, fraudsters can easily bypass them.
“On the flip side, a legitimate transaction may trigger additional authentication processes or a transaction may be denied altogether due to a merchant or bank incorrectly suspecting fraud. Too often we see companies rely on multi-factor-authentication but then enable freedom of passage afterward. Authentication has to be continuous and appropriate to the context. Leveraging an array of technologies, and a very wide view of all activities (good and bad) is the best way to minimize fraud while enabling all the new, seamless, experiences banks and FinTechs are building for consumers."