
Text Fraud Targeting Schwab Users

We have been alerted to an active phishing text campaign in which clients receive a text message from an international number that mentions a disbursement from the client’s account. The message then asks the client to click on a link and log into their account to verify the transaction. Please review the red flags below to help clients identify whether a text is a phishing attempt:

  • The texts are coming from different international phone numbers.
  • The texts claim that an ACH was debited from the client’s Schwab account, typically in the thousands of dollars.
  • The text then instructs the client to cancel the disbursement if they did not request it, by replying “Y” and clicking on the link provided.
  • The link’s URL uses a spoofed variation of the Schwab domain, for example https://schwbba.com, https://schwabd.com, https://schwbab.com, etc.

Be aware:

  • Schwab does not notify clients about completed transactions via text message.
  • Schwab does not send out text messages from international numbers.

Keep in mind: Unlike many other attacks, smishing isn’t necessarily an indication that your client has been compromised—the attackers send a message to a large number of randomly chosen phone numbers, hoping some of those people will respond.

Remember:

  • Do not click on links or attachments included in a text message.
  • Slow down if a message is urgent. Urgent account updates and limited time offers are red flags of possible smishing. Remain skeptical and proceed with caution.
  • Avoid using links or contact information from the message. Go directly to the official channels/websites.
  • Double check the phone number. International numbers or odd-looking numbers, such as 4-digit phone numbers, are tactics that scammers use to mask their true phone number.
  • Do not enter your Schwab credentials or other personal information via an unverified link. Instead, enter the address you are familiar with directly into your browser to visit the trusted website to log in as usual.
  • Double check that the URL is not a subtle variation of the real one.
  • Do not call phone numbers received through unsolicited messages. Always use a verified number that you have used in the past or that is found on your account statement.
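
For teams that screen reported messages, the "subtle variation" check can be automated. The sketch below is an added example, not part of the original advisory: it pulls links out of a text message and flags any domain within two edits of the real one. The allow-list entry `schwab.com`, the distance threshold of 2, the function names and the sample message are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

TRUSTED = "schwab.com"  # assumed allow-list entry: the real domain the spoofs imitate
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap as 1 each."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # swapped neighbours
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def registrable(host: str) -> str:
    # Simplification: keep the last two labels. A production check would use
    # the Public Suffix List to handle suffixes such as co.uk.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify_url(url: str, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unrelated' for one URL."""
    domain = registrable(urlsplit(url).hostname or "")
    if domain == TRUSTED:
        return "trusted"
    if osa_distance(domain, TRUSTED) <= max_distance:
        return "lookalike"
    return "unrelated"

def triage_sms(text: str) -> dict:
    """Classify every URL found in a text message body."""
    urls = (u.rstrip(".,;:!?)") for u in URL_RE.findall(text))
    return {u: classify_url(u) for u in urls}

# Constructed sample message modelled on the red flags listed above.
SAMPLE = ("ALERT: ACH debit of $4,850.00 from your Schwab account. If you did not "
          "request this, reply Y and cancel here: https://schwbba.com/cancel.")

if __name__ == "__main__":
    for url, verdict in triage_sms(SAMPLE).items():
        print(f"{verdict:10} {url}")
```

An "unrelated" verdict only means the domain is not a near-miss of the trusted one; it does not mean the link is safe.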