Christine Nelson was trying to find a home for her family, when she received a tempting offer from a seemingly credible source. The source reached out to her over Facebook messenger, and then directed her to a professional website, numerous representatives, and ultimately, convincing documentation. After Christine wired the source her last $750 — for which her husband had requested an advance on his salary — the source admitted to being a scammer. There went the Nelsons’ savings, along with any hopes of buying a home.

Since the outset of COVID-19, scammers have been particularly active, coming up with unlawful, inventive schemes to get homeowners to reveal private information. The Federal Bureau of Investigation reports 11,000 new scams amid COVID-19 — a more than 100% increase from this time last year. Because of some of the inherent stress surrounding mortgage payments, scammers often target homeowners, trying to convince them to pay for services they don’t need, to extract themselves from trouble they’re not in, or to give away personal information that no legitimate servicer would ever ask for.

We at TMS are always focusing on our customers’ solvency and security, so here, we have compiled some common schemes to look out for, and explained what to do if you find yourself approached by scammers.

Red Flags

Scammers rely on some nefarious methods that take advantage of natural human trust. These are some common approaches that will help you distinguish between a legitimate request and a scam.

• Pressure — Scammers will often ask you to act before a certain date. This is designed to make you fearful, and then to quell your fear by sending money. TMS will never pressure you this way. We will work with you to agree on terms that best fit your unique financial situation.
• Threaten Legal Action — Scammers will likely claim that failing to act will result in prosecution. Again, they want you to assume the worst, and do whatever it takes to make it go away. TMS’s Careologists are kind and instructive. They will never use intimidation tactics.
• Nontraditional Payment Methods — Scammers often demand that you send money via wire transfers, gift cards, prepaid debit or credit cards, or money transfer services like Western Union. TMS offers many payment options, so you can find the one that works best for you. We will never require you to pay by any single method, let alone a nontraditional one.
• Instruction to Mistrust TMS — Scammers will encourage you to doubt TMS’s authority and trust theirs. TMS always, always has your best interests in mind — don’t let a criminal convince you otherwise. We are licensed in all 50 states and the District of Columbia, and we are held to strict regulatory standards and oversight.
• Defensiveness/Irritation — If you question a scammer’s authority (which, if you happen to talk to one, you always should) they’ll get defensive. Because they have no legitimacy, they’ll try to make you feel bad for asking about it. When asked, any valid source — TMS or otherwise — will happily provide their credentials.

Types of Scams

Phishing

Phishing happens over email, and usually involves a fraudulent source asking for money, bank account details, Social Security numbers, or other private information. If you’ve ever gotten an email from a Nigerian prince eager to give you $200,000, you’ve experienced phishing.

What They’ll Do

• Demand Sensitive Info — Phishers will ask for things like bank account numbers, Social Security numbers — which you should never provide via email.
• Urgent Appeals — They will also urge you to act before a certain date, and possibly threaten phony legal action if you don’t. No legitimate source would ever do this.

What You Should Do

• Don’t Give Any Info — First and foremost, don’t do what they’re telling you to do. You should only provide this information to sources that you’re absolutely sure are valid. This goes for all types of schemes.
• Don’t Open Links/Attachments — Clicking on links and attachments is how phishers establish a link between themselves and your hardware. Attachments, in particular, may well be malware, designed to infiltrate your security systems and nab your vital information.
• Contact Us — If you think you’ve been the target of a phishing scam, call the Customer Care number provided in your Borrower Portal, or the number listed on your monthly statement. We’ll be able to tell you whether the email was from us (in all likelihood, it wasn’t.)

Vishing

Vishing is a kind of phishing scam that happens over the phone, rather than email. Like phishing, callers will request personal information — which, we can’t stress enough, you should never provide to unvalidated people.

What They’ll Do

• False Caller ID — There are now apps and websites that allow people to assume false caller IDs. Making caller IDs look familiar, like they’re coming from nearby towns or area codes, or even known service providers, is one way scammers make people more likely to pick up the phone.
• Become Defensive — If you demand to verify their identity, they of course won’t be able to. So, instead of accepting your demands, they’ll get defensive, and try to make you feel guilty for asking in the first place.

What You Should Do

• Don’t Answer/Hang Up — While it’s best not to answer at all, we understand that this might not always be possible. The moment something doesn’t seem right about the caller, hang up. If they call back, don’t answer. To be extra safe, block the number.
• Demand Credentials — If you’re speaking with someone who you think is illegitimate, demand that they provide their credentials. If they’re a legit source, they’ll provide them. If not, their emotion will intensify, and they’ll probably get defensive. This is a sure sign of fraudulent activity — hang up.
• Contact Us — After you’ve successfully protected your personal information by not answering or hanging up, let us know what happened immediately. We’ll be better able to protect both you and other customers who might be at risk.

SMShing (Smishing)

As you might have been able to guess by this point, Smishing is phishing conducted via SMS text message. Many of the same principles apply to this as to the other scamming methods, with the added step of reporting it the moment it happens.

What They’ll Do

• False Caller ID — Like vishing, scammers may fabricate caller IDs, making the texts look like they’re from legitimate senders.
• Demand Sensitive Info — Smishers will likely ask for financial account numbers, passwords, and other data that can easily be transmitted via text. TMS may send you text notifications, but we will never ask you to send sensitive information over text.

What You Should Do

• Don’t Reply — Either sending a return text or calling the number helps establish a link between you and them. Again, no legitimate servicer would ever request sensitive information in a text message.
• Report Them — You can report scam texts by forwarding them to 7726 (SPAM). This will help authorities track down scammers and make the world safer for everyone.
• Contact Us — As always, letting us know what happened will help us stay on top of the situation.

COVID-19 Scams

Scammers prey on vulnerability. In a crisis like COVID-19, many people are more vulnerable than usual, making it a ripe environment for defrauders. The Centers for Disease Control and Prevention (CDC) have reported COVID-19-related phishing and vishing scams, in which callers demand donations from their targets. Government agencies never call private citizens to request donations.

Also, taking advantage of misinformation that has spread in the wake of COVID-19 mortgage policies, some scammers have made calls impersonating Freddie Mac representatives, offering things like low interest rates and mortgage forgiveness. Like the CDC, Freddie Mac will never contact citizens for sales purposes offering unusually low interest rates.

If any of the above happens to you, follow the same instructions: Don’t open links or click attachments, hang up immediately, and let us know what happened.

Trust Your Gut

As the saying goes, if it sounds too good to be true, it probably is. Even though it might be tempting to accept an offer that would save you money, use common sense, and don’t get lured into a dangerous situation. If you have any doubt whatsoever about whether an offer is legitimate, or if a caller is really from TMS, call the Customer Care number listed in our Borrower Portal, or on your monthly mortgage statement. We’ll be able to give you a definitive answer, and we’ll be better equipped to protect you when we learn about the scam.

All in all: Never give up personal or financial information to a source you don’t completely trust, or over an unsecured email, text, message or phone call. Stay on your toes, particularly during a time like COVID-19. And most importantly, keep us in the loop. We’ve got your back.