About UsHeld once a year in Atlanta and Rome, the Citizens Academy gives community leaders, business professionals, religious leaders and other citizens an inside look at the FBI and its operations. | Member BenefitsAfter completing the Citizens Academy program, participants are encouraged to join the Citizens Academy Alumni Association. The alumni are active year-round in community projects, hosting speaker events, book signings, and supporting the FBI’s mission in the community by promoting internet safety and crime prevention awareness. |
Upcoming Events
June 15, 2026 – Nationwide Watch Party at FBI Headquarters
Time: 2:00 PM – 4:00 PM
Join us for a nationwide webinar focused on elder care fraud. Subject matter experts will provide valuable information, followed by a live panel discussion and Q&A session.
Citizens Academy graduates are invited to attend at FBI Headquarters.
Cyber Series
The Trap (2:14 PM)
Marcus Vance was not distracted. He was a sharp, organized logistics manager who prided himself on spotting inconsistencies.
It was a Tuesday afternoon. Marcus was at his desk, balancing a shipping deadline with a missed call from his daughter’s school. His phone buzzed.
( [BANK ALERT] Urgent: A real-time debit card transaction of $2,148.50 at a Target in Miami, FL is pending. If this was NOT you, reply 'NO' immediately to halt the transfer.)
Marcus felt a sudden spike in adrenaline a physiological reaction hackers rely on. He lived in Atlanta; he hadn't been to Miami in years. He typed NO and hit send.
Within ninety seconds, his phone rang. The Caller ID displayed the exact name and number of his financial institution: FIRST FIDELITY BANK.
Marcus answered. The voice on the line was crisp, calm, and professional, backed by the reassuring hum of what sounded like a busy corporate call center.
"Good afternoon, Mr. Vance. This is Jonathan from the Fraud Mitigation Department. We just received your 'NO' response. I want to assure you we've placed a temporary hold on this transaction, but we need to act quickly before the funds settle."
Marcus let out a breath. "Oh, thank goodness. No, that absolutely wasn't me."
Perfect, Jonathan replied smoothly. Our system indicates your mobile banking credentials may have been compromised. To permanently block this and secure your account, I am triggering an encrypted security token to your registered mobile device right now. When you receive that six-digit code, please read it back to me so I can authenticate your identity.
Ding. A text message slid down. Security Alert: Do not share this code. First Fidelity verification code: 492-881.
Marcus didn't hesitate. He was talking to the bank. The bank was trying to save him. "The code is 492-881," he said.
Authentication successful, Jonathan said. I am now migrating your balances to a secure, temporary escrow holding while we overnight your new plastic...
Marcus hung up. Five minutes later, he tried to log into his banking app. Invalid Credentials. He called the real number on the back of his card. After ten minutes on hold, the actual fraud department delivered the crushing blow: His account was wiped clean. $34,000 was gone.
Behind the Curtain
What Marcus couldn't see was the "director" behind this performance. The criminal wasn’t a genius breaking through a firewall; he was a con artist using basic, commercially available tools.
While the scammer was talking to Marcus, he had the real bank website open on his laptop. He typed in Marcus's username and clicked "Forgot Password."
When the bank's system automatically sent a legitimate One-Time Passcode (OTP) to Marcus's phone to verify the reset, the scammer intercepted it by simply asking Marcus to read it aloud.
The moment Marcus spoke those six digits, the criminal entered them, took over the account, and wired the funds away. The background noise? A pre-recorded loop of a call center playing softly through the microphone.
This scam is highly effective because it exploits urgency and authority. When our brains perceive an immediate financial threat, our logical thinking is hijacked by panic.
To protect yourself, implement these security measures:
- The moment any unexpected caller no matter how polite or alarming asks you for a passcode, PIN, or password sent to your phone, hang up immediately.
- Do not use any phone numbers provided by the caller or listed in a text link. Flip your physical debit or credit card over and dial the exact customer service number printed on the plastic.
- Speak to an agent through this verified channel. State clearly: "I just received an alert about fraud. Is there an active case on my account?" If it was a scam, the real bank will have zero record of the previous call
The Golden Rule: A text verification code is a key. If someone calls you and asks for that code, they are asking you to unlock your front door so they can walk inside. No legitimate bank will ever call you out of the blue and ask you to read back a temporary passcode. Period.
Content by 2inOne Security Group | Cyber education