First Midwest BankFirst Midwest Bank logoArrow DownIcon of an arrow pointing downwardsArrow LeftIcon of an arrow pointing to the leftArrow RightIcon of an arrow pointing to the rightArrow UpIcon of an arrow pointing upwardsBank IconIcon of a bank buildingCheck IconIcon of a bank checkCheckmark IconIcon of a checkmarkCredit-Card IconIcon of a credit-cardFunds IconIcon of hands holding a bag of moneyAlert IconIcon of an exclaimation markIdea IconIcon of a bright light bulbKey IconIcon of a keyLock IconIcon of a padlockMail IconIcon of an envelopeMobile Banking IconIcon of a mobile phone with a dollar sign in a speech bubbleMoney in Home IconIcon of a dollar sign inside of a housePhone IconIcon of a phone handsetPlanning IconIcon of a compassReload IconIcon of two arrows pointing head to tail in a circleSearch IconIcon of a magnifying glassFacebook IconIcon of the Facebook logoLinkedIn IconIcon of the LinkedIn LogoXX Symbol, typically used to close a menu
Skip to nav Skip to content

Beware of the Latest P2P Payment Scam Alert

Peer-to-peer payment (P2P) systems are wonderful – as long as you stick to paying people you know and trust.

If you use a peer-to-peer (P2P) payment systems like Popmoney, Zelle®, or Venmo, you’re likely confident in what you’re doing. You wouldn’t let a stranger change your password. Or send money to a totally random person. You’re too smart for that – right? 

In the latest P2P scam, that’s exactly what fraudsters are getting people to do. 

How this highly effective scam works:

  • You get a text asking if you recently sent $XXXX dollars via Zelle® (or another platform) to a person you don’t recognize. The text may even look like it’s coming from your bank. You respond “No,” because of course you didn’t.
  • Immediately, your phone rings. The caller’s identity is spoofed to be your bank. You pick up the phone and feel relief – this person is going to help you resolve this unauthorized P2P payment.
  • Of course, in reality, you never made any such payment. A fraudster is on the other end. They’re trying to *get* you to make an unauthorized payment – or give them your account info, so they can log in as you and pay themselves. The conversation next goes one of two ways:
    • The fraudster asks for your online User Name to verify your account. You tell them and get a text that has a 6-digit code – the fraudster wants that code to complete the verification. In reality, that’s your password reset confirmation. Once the fraudster has that, they can create a new password for your account and login as you – and send themselves money.
    • Or, the fraudster says they need to verify the phone number on your account to recover your funds. You tell them and get a text that has a 6-digit code – the fraudster wants that code to complete the verification. In reality, that’s the confirmation of them switching your phone number to their P2P account. 

In this instance, the fraudster next asks you to log in and send money to your own phone number in the amount you (supposedly) lost – and says the bank will take care of the rest. What’s actually happening: since your number was transferred to their account, when you send the missing funds to your phone number, you’re actually sending your money straight to a criminal.  

Why is this scam effective? 

It’s all about social engineering. What does that mean? The fraudster is creating an environment where you are overwhelmed, worried and in need of help. You think your money has vanished. You’re panicked. Who makes good decisions when they’re panicked? No one! 

The fraudster has presented themselves as the hero riding to your rescue. The scenario is believable enough that far too many people are providing the information requested – because they think it’s the easiest path to getting back the money they (supposedly) lost.

In fact, it’s the opposite – people are giving away information that leads to them losing money. 

How can you protect yourself?

If someone calls you and starts asking for identifying information and passcodes, put your guard up. Old National will never call or text you and ask for your account information. We will also never rush, pressure or badger you about codes or passwords. If at any point you are concerned or unsure, hang up and call Old National directly at 800-731-2265. When you call our number, you will know you are talking to us.  

Whenever someone asks you to provide a 6-digit code that appears on your phone, you should be very suspicious. That’s the second part of a two-factor authentication. That should always be kept private. In fact, the second stage verification will say DO NOT SHARE WITH ANYONE. Believe it. Under no circumstances will Old National (or any other bank) ask you for a code like that. 

In this case – and in many other instances of fraud – it would make sense to independently verify a claim you are hearing. If someone texts you and asks if you sent $XXXX dollars via Popmoney to someone you don’t know … take a deep breath, log in to your account yourself and see if any money has been sent. If you see no register of the activity – that would be a sign someone is trying to trick you. 

Instead of responding to the fraudster, call us at 800-731-2265, report the incident and confirm with us that your account is safe. 

What about peer-to-peer payment systems? 

Peer-to-peer payments like Zelle®, Popmoney and Venmo are very safe. They are set up so that no banking information is shared between the person who sends money and the person who receives money. In other words, unlike paper checks or credit cards, no one will be able to glean account information from your payment. 

Peer-to-peer payments are also incredibly convenient. They are far less cumbersome than cash – you can pay friends and family in seconds without needing to make change. However, much like with cash, you should only use a peer-to-peer payment system with people you know and trust. With any transaction, just think to yourself: “Would I be comfortable doing this in cash?” If the answer is yes, proceed. If you follow this guideline, you should be safe. 

Also, when it comes to your peer-to-peer credentials, those are yours and yours alone. Your financial institution will not ask you to provide your peer-to-peer passwords or codes, or ask you to do anything as unorthodox as “pay yourself” and then they’ll take care of the rest. 

Thank you for keeping your account safe

We appreciate your staying aware of the latest scams, following the best information-security practices, using strong passwords, and always hanging up if you get a phone call asking for your banking information.

As one last reminder: if you ever have any questions about the safety of your accounts, don’t talk or text with a stranger. Instead, call Old National Bank directly at 800-731-2265. We’ll always be happy to help.

Subscribe for Insights

Subscribe