Search Engine Optimization (SEO) Scams are Targeting Clients

March 25, 2024

Scammers are using search engine optimization (SEO) to create fake websites that appear in search results for trusted institutions. When clients visit these sites, they are exposed to phishing attacks that aim to steal their information and assets.

How These Scams Work

• Knowledgeable fraudsters use sophisticated techniques to create websites that appear in search engines when clients are looking for Schwab or other trusted institutions.
• The websites are designed to look legitimate, and their position in the search results tricks users into believing the top search hits are the most credible. This phishing tactic is very effective: after all, not every user will scrutinize every search result to ensure the link they're about to click is legitimate.
• Once the client clicks on the phishing website and attempts to log in with their credentials, they receive an error message stating there's a login issue and to contact a hotline number noted in the message for further assistance.
• When the client contacts the fraudulent number, the bad actor posing as a Schwab employee states that there's been a security breach, and someone is attempting to steal money from their account.
• Then, the bad actor attempts to convince the client to download software to their device.
• The overall goal is to gain access to the device and continue to facilitate additional fraud attacks, which can ultimately lead to unauthorized activity and ID theft.
• To help fight these schemes, clients should avoid using Google, Safari, and Firefox to search for Schwab or other important websites. Instead, they should type the known website in their browers. They can also save all of their favorite websites' correct addresses to their browser's bookmarks.

Be sure to report any issues like this to the financial institutions promptly.