Consumer Math Basics: Fraud and Identity Theft (Phishing, Skimming, Prevention, Recovery)

Consumer Math – Fraud and Identity Theft (Phishing, Skimming, Prevention, Recovery)

Fraud & Identity Theft: A Real-World Survival Guide

How to spot scams, protect your money, and fix things if you’re hacked—without the fluff.

What This Is

Fraud and identity theft happen when criminals steal your personal info (like your Social Security number, bank login, or credit card details) to drain your accounts, open fake loans, or buy stuff in your name.
Example: You get an email that looks like it’s from your bank, asking you to "verify your account" by clicking a link. You enter your password, and within minutes, $1,200 disappears from your checking account. Now you’re stuck fighting to get your money back while the thief spends it on gift cards or a new phone.

This guide teaches you how scams work, how to stop them before they start, and what to do if you’re already a victim—so you don’t lose your hard-earned cash.

Key Terms & Formulas

• Phishing: A scam where criminals trick you into giving up personal info (like passwords or SSN) by pretending to be a trusted company (e.g., your bank, Amazon, or the IRS). Example: You get a text saying, "Your PayPal account is locked! Click here to verify: bit.ly/fake-paypal."
• Smishing: Phishing done via SMS/text message. Example: "Your Netflix payment failed! Update your card here: [fake link]."
• Vishing: Phishing done via phone call. Example: A caller says, "This is the IRS. You owe $2,500 in back taxes. Pay now or we’ll arrest you."
• Skimming: When thieves install a tiny device on ATMs, gas pumps, or card readers to steal your card info when you swipe. Example: You use your debit card at a gas pump, and a week later, $800 in fraudulent charges appear.
• Identity Theft: When someone uses your personal info (name, SSN, birthdate) to open credit cards, take out loans, or file fake tax returns in your name. Example: You get a bill for a $5,000 credit card you never opened.
• Two-Factor Authentication (2FA): A security step that requires two proofs of identity (e.g., a password + a code texted to your phone). Example: Logging into your bank app requires your password and a 6-digit code sent to your phone.
• Credit Freeze: A free tool that locks your credit report so no one (including you) can open new accounts in your name. Example: You freeze your credit after a data breach, so scammers can’t take out a loan using your SSN.
• Fraud Alert: A free 1-year (or 7-year) warning on your credit report that tells lenders to double-check before approving new credit in your name. Example: You place a fraud alert after losing your wallet, so banks call you before issuing a new card.
• Chargeback: A way to dispute a fraudulent charge on your debit/credit card and get your money back. Example: You see a $300 charge for a TV you didn’t buy, so you call your bank and file a chargeback.
• Dark Web Monitoring: A service (often free from banks or credit bureaus) that scans the internet for your personal info being sold by criminals. Example: Your bank alerts you that your email and password were found in a hacker forum.
• Form: Fraud Loss Recovery
• Amount Recovered = (Fraudulent Charges) – (Deductible) – (Uncovered Fees)
• Variables:
  • Fraudulent Charges: Total $ stolen (e.g., $1,200).
  • Deductible: What you pay out of pocket (e.g., $50 for credit card fraud).
  • Uncovered Fees: Any costs not reimbursed (e.g., overdraft fees from the fraud).

Step-by-Step / Process Flow

1. How to Spot a Scam (Before You Lose Money)

✅ Check the sender’s email/phone number. Hover over links (don’t click!) to see the real URL. Example: An email from "[email protected]" is a scam—real Amazon emails end in "@amazon.com." ✅ Look for urgency or threats. Scammers say things like:
- "Your account will be closed in 24 hours if you don’t act now!"
- "The IRS is filing a lawsuit against you—call this number immediately!" ✅ Never give out passwords, SSN, or codes. Real companies never ask for your password or 2FA code over email, text, or phone.
✅ Verify with the real company. If you get a suspicious message, call the number on the back of your card or the official website (not the one in the message).

2. How to Protect Yourself (Prevention)

? Use strong, unique passwords. No "Password123" or "123456." Use a password manager (like Bitwarden or LastPass) to generate and store passwords.
? Enable 2FA everywhere. Turn on two-factor authentication for your bank, email, and social media. Example: Even if a hacker gets your Gmail password, they can’t log in without the code sent to your phone.
? Freeze your credit. It’s free, takes 5 minutes, and stops scammers from opening accounts in your name. Do it at:
- Experian
- Equifax
- TransUnion ? Monitor your accounts weekly. Check your bank and credit card statements for any charges you don’t recognize—even small ones (scammers test with $1 charges first).
? Use a credit card (not debit) for online purchases. Credit cards have better fraud protection (you’re not liable for fraudulent charges). Debit cards take money directly from your bank account, and it can take weeks to get it back.

3. What to Do If You’re a Victim (Recovery)

? Step 1: Freeze your credit (if you haven’t already). This stops new accounts from being opened.
? Step 2: Call your bank/credit card company. Report fraudulent charges and cancel the card. Example: "I didn’t make a $400 charge at Best Buy on 5/15—please dispute it." ? Step 3: File a police report. Some banks require this to refund your money. Go to your local police station or file online.
? Step 4: Report the fraud to the FTC. Go to IdentityTheft.gov and follow their step-by-step recovery plan.
? Step 5: Change all passwords. Especially for email, bank, and social media accounts.
? Step 6: Check your credit reports. Get free reports at AnnualCreditReport.com and dispute any fake accounts.

Common Mistakes

❌ Mistake: Clicking a link in a text/email "just to check." ✅ Correction: Never click links in unsolicited messages. Instead, go directly to the company’s website or call their official number. Why? Scammers make fake websites that look real to steal your login info.

❌ Mistake: Using the same password for multiple accounts.
✅ Correction: Use a unique password for every account (or a password manager). Why? If one account gets hacked (like your email), scammers can use that password to break into your bank, social media, and more.

❌ Mistake: Ignoring small, unfamiliar charges (like $1 or $5).
✅ Correction: Dispute every unauthorized charge, no matter how small. Why? Scammers test cards with tiny charges before making big purchases.

❌ Mistake: Sharing personal info (SSN, birthdate) on social media.
✅ Correction: Never post your full birthdate, address, or phone number online. Why? Scammers use this info to answer security questions (like "What’s your mother’s maiden name?") and hack your accounts.

❌ Mistake: Assuming "it won’t happen to me." ✅ Correction: Freeze your credit now—even if you’ve never been a victim. Why? Data breaches happen all the time (Equifax, Facebook, T-Mobile), and your info might already be for sale on the dark web.

Real-World Insights

? Banks don’t always refund fraud right away. Some make you wait 10+ days to investigate, and you might be on the hook for overdraft fees if the fraud drains your account. Solution: Keep a $500 emergency buffer in your checking account to cover fraud while you fight it.

? Gas pumps and ATMs are hotspots for skimming. How to spot a skimmer:
- The card reader sticks out or feels loose.
- The keypad is thicker than usual (a fake overlay).
- The security seal is broken or missing.
Solution: Use tap-to-pay (Apple Pay, Google Pay) or go inside to pay.

? Scammers love gift cards and wire transfers. If someone asks you to pay with iTunes gift cards, Google Play cards, or Western Union, it’s 100% a scam. No real company or government agency will ever ask for payment this way.

? Your phone number is a goldmine for scammers. If a hacker gets your phone number, they can:
- Port your number to a new SIM card and steal your 2FA codes.
- Call your bank pretending to be you and drain your account.
Solution: Ask your phone carrier to add a PIN or password to your account.

Quick Check Questions

1. You get a text saying, "Your Bank of America account is locked! Click here to verify: bit.ly/bank-fake." What should you do?
   a) Click the link and enter your login info to unlock it.
   b) Call the number on the back of your Bank of America card to check.
   c) Reply "STOP" to the text to opt out.
   ✅ Correct Answer: b Why? Never click links in unsolicited messages—call the real bank to verify.

2. A scammer steals your debit card info and spends $800. Your bank has a $50 fraud deductible. How much will you get back?
   a) $0
   b) $750
   c) $800
   ✅ Correct Answer: b Why? $800 (fraud) – $50 (deductible) = $750 recovered.

3. Which of these is the SAFEST way to pay online?
   a) Debit card
   b) Credit card
   c) Wire transfer
   ✅ Correct Answer: b Why? Credit cards have better fraud protection and don’t take money directly from your bank account.

Last-Minute Cram Sheet

1. ⚠️ Never click links in texts/emails—go to the real website instead.
2. Freeze your credit for free at Experian, Equifax, and TransUnion.
3. Enable 2FA on all accounts (bank, email, social media).
4. Check bank statements weekly for fraud—even $1 charges.
5. Use a credit card (not debit) for online purchases.
6. If hacked: Freeze credit → Call bank → File police report → Report to FTC.
7. ⚠️ No real company will ask for payment in gift cards or wire transfers.
8. Skimmers target gas pumps and ATMs—use tap-to-pay when possible.
9. Password managers > "Password123" for every account.
10. Your phone number is a target—add a PIN to your cell account.