Mobile security: Reducing your risk of fraud and scams

From copycat apps to suspicious texts, learn what to watch out for.

Like many people, you might have your card and bank account information stored in apps or in the mobile wallet on your cellphone. While mobile banking technology makes online shopping and banking more easily accessible, it has also inspired a new breed of hackers who are on a mission to steal your information. 

So how do you protect yourself from mobile identity theft? If you know what to look for, these signs could help you identify and prevent data theft and credit card fraud.  

1. Watch out for text scams impersonating your “bank”

You receive a text that appears to be from your credit card issuer or bank. You’re told to click on a link to resolve an issue with your account. But there’s a problem—it’s not really your bank. Text phishing, also known as smishing, tries to trick you into providing personal information and/or installing malware, which steals your personal information. 

Messages from short codes like “+1410” could be warning signs: Text scams don’t always come from traditional 10-digit phone numbers. If you think a text is suspicious, don’t click on the link. Scammers can design fake sign-in pages. Always sign in to your financial institution’s page directly. 

If you suspect people are posing as Capital One, you can report it by emailing You can also read more about Capital One’s commitment to protect your personal and financial information.

2. Beware of calls asking for your personal info

Hackers may use an even more direct approach to access your personal information—just asking for it. It’s called vishing. Here’s how it happens: A scammer calls to warn you of an issue with your account and asks for your credit card, debit card or Social Security number to fix the problem. Don’t risk it—call your credit card issuer or bank directly to see whether there’s really an issue. You can find those numbers on the back of your card, in your banking app or on your statement.

3. Keep an eye out for phony apps

Another way hackers attempt to access the data on your phone is through potentially harmful apps. If you download one to your mobile device, your personal information could be exposed. These fake apps are sometimes installed by clicking on a link or pop-up ad, but they may also be available in your phone’s app store, like Google Play. 

If you’re not sure an app is safe, do a quick internet search about it and the developer before you download and install anything.

4. Don’t trust fake friends

If you receive a direct message or a “follow” or friend request from someone you don’t know, be careful. Hackers often use social media platforms to socially engineer targets so that they can thereafter engage in direct communications that contain malicious links that can compromise mobile devices and computers. If you don’t recognize the person, or the link looks suspicious, don’t respond. Delete the message or request.

Strangers aren’t all you have to worry about. Hackers will check to see whom you are friends with, then impersonate them. So if your Aunt Molly reaches out to you asking for money or trying to get you to click on a link, check with her first to confirm whether it’s real or fraudulent.

5. Don’t trust fake employees

Hackers often impersonate bosses or co-workers via social media ads, posts and messages to gain personal information. This type of scam is known as business email compromise (BEC) or email account compromise (EAC).

The FBI suggests being careful with what information you share online or on social media, and don’t click on anything in an unsolicited email or text message asking you to update or verify account information. Click here to learn more about BEC scams and how to protect yourself from them.

6. Don’t forget to clear your phone

When it’s time to get rid of your phone, make sure you erase all your personal information. If you don’t, you could leave yourself vulnerable to identity theft. Everything from your address to your bank info could be on your phone. To erase your phone, look on the manufacturer’s website or check with your service provider for instructions.

Protect your account online

Keep tabs on your account anytime, anywhere with the Capital One Mobile app.

Learn more

Related Content