Broker Check

Avoid search engine financial scams

March 25, 2024

Scammers are using search engine optimization (SEO) to create fake websites that appear in search results for trusted institutions like Schwab. When clients visit these sites, they are exposed to phishing attacks aimed at stealing their information and assets.

How these scams work:

  • Knowledgeable fraudsters use sophisticated techniques to create websites that appear in search engines when clients are looking for Schwab or other trusted institutions. 
  • The websites are designed to look legitimate, and their position in the search results trick users into believing the top search hits are the most credible. This phishing tactic is very effective: after all, not every user will scrutinize every search result to ensure the link they're about to click is legitimate. 
  • Once the client clicks on the phishing website and attempts to log in with their credentials, they receive an error message stating there's a login issue and to contact a hotline number noted in the message for further assistance. 
  • When the client contacts the fraudulent number, the bad actor posing as a Schwab employee states that there's been a security breach, and someone is attempting to steal money from their account. 
  • Then, the bad actor attempts to convince the client to download software to their device. 
  • The overall goal is to gain access to the device and continue to facilitate additional fraud attacks, which can ultimately lead to unauthorized activity and ID theft

 


To help fight these schemes, you should avoid using Google, Safari, and Firefox to search for Schwab or other important websites. Instead, you should type the known website in your browser—for example, www.schwaballiance.comor use the Schwab Mobile app. You can also save all of your favorite websites' correct addresses to your browser's bookmarks.

Be sure to promptly report any issues like this to Schwab Alliance at 800-515-2157.