April 9, 2020
Categories: Education & Security
Important Tips on Recognizing Scams and Keeping Your Money and Information Safe
As we deal with coronavirus and its effect on our lives, cybercriminals are busy coming up with new scams that take advantage of people’s concerns. These scams are very convincing. They trick people into giving up personal information, allowing cybercriminals to access accounts and withdraw funds. Others advertise products or ask for donations to help fight the disease. Some scams fool people into clicking a link, which then infects the victim’s computer with malware. Recognizing scams can be very difficult.
Please become familiar with the general tips below and read the scam examples with specific tips relating to that scam. You may wish to also share this page with friends and family.
General Tips on Avoiding Scams:
- Think before you click. Never click any link that you weren’t expecting.
- Never reveal personal information, work information, PINs or login information requested by anyone via email, text, a phone call or via a link. The Summit or any legitimate business will never ask for personal information this way.
- Never use the same password for multiple accounts. If you fall for a scam and give out login information, cybercriminals could access more of your accounts.
- Always log into your online accounts through a browser or mobile application rather than through an unexpected link.
- If something seems too good to be true, it probably is.
Scam example: “Official” emails claiming to have coronavirus information, products, or that ask for donations.
These emails often appear to come from trusted sources such as the Centers for Disease Control (CDC), the World Health Organization (WHO), another government agency or even The Summit. Actual logos are used and sometimes official web addresses.
These scams typically:
- “Alert” you to virus cases nearby, sometimes with a local map.
- Ask for donations to help victims of the virus.
- Offer bogus prevention or treatment products such as masks, thermometers and medication.
- Link to a page where victims enter account information, other personal information or passwords.
Tips:
- Ignore online offers for coronavirus vaccines, treatments or cures.
- Be suspicious of donation requests, especially those that ask for cash, wire transfers or gift cards.
- Ignore virus-related investment opportunities.
Scam example: Offers relating to federal economic stimulus payments.
In these scams, cybercriminals send emails or make calls claiming to represent the Internal Revenue Service (IRS), another government group or even the HR Department of your workplace.
These scams typically:
- Claim to have information on how the stimulus package benefits you.
- Ask for “required” information in order for you to receive your check.
- Claim to be able to get you stimulus funds early, often in return for a small fee.
Tips:
- Stimulus payments come from the IRS, which will not contact you via email without a previous arrangement.
- Hang up on any such calls and ignore email offers, no matter who it appears may have sent them.
- Call your HR Department if you receive a communication like this claiming to be from them.
- The IRS publishes the latest information on its website, irs.gov. Please refer to this website if you receive a questionable communication or if you would like to know more about the payments.
Scam example: Cybercriminals contacting people working from home.
In this scam, a cybercriminal poses as a member of your workplace’s support personnel. Cybercriminals can “spoof” any phone number they’d like, so even if a call looks like it’s coming from a legitimate source, it could be a scam.
These scams typically:
- Attempt to gain your trust by stating your job title, email address and any other information found online.
- Send you an email with a link to click for important information.
- Set up link clicks to infect the victim’s computer with malware or to trick the victim into giving up personal information.
Tips:
- If you receive scam calls at work, hang up and notify the appropriate department.
- When questioning if an email sent from someone in your company is real, give that person a call.
Scam example: Texted security alerts from mobile carriers.
Cybercriminals send text messages that appear to come from Verizon or another mobile service provider. The texts ask for login information and gain access to your account.
These scams typically:
- Look like a security alert.
- Warn you that your account will be disabled unless you validate it by clicking an included link.
- Link to a fake website that looks identical to Verizon’s login page.
- Ask for your login information.
Tips:
- Be suspicious of any urgent claim that demands action in order to avoid a bad result.
- No matter how real a communication or site looks, don’t reveal personal information.
Additional Tips:
For more tips on recognizing scams and fraud, visit the Fraud Prevention Center of summitfcu.org.
Cynthia Kolko, The Summit Federal Credit Union