Washington County Weekend Post

GMTODAY.COM SUNDAY, MAY 24, 2020 • WASHINGTON COUNTY POST • 3A (BPT) - While you take care to limit social interac- tions and wash your hands to prevent the spread of the coronavirus, you also need to take steps to protect your finances and identity. Scammers are now taking advantage of the COVID-19 pandemic to lure victims in with new phishing scams. "We know consumers are managing their money and finances online, so it's more important than ever to raise awareness of smart security practices," says Vice Presi- dent of Security at Navy Fed- eral Credit Union, Chip Kohlweiler. "Being proactive and learning about your security is a great step toward keeping your accounts and information safe. There's a good chance your bank or credit union has resources available for you to learn about how to identify scams, which is a great place to start." Phishing remains one of the top ways cybercriminals get access to your identifica- tion and financial informa- tion. Using phone calls, emails and even copycat websites, scammers are cre- ating content that appears official and related to COVID-19 - tricking you into revealing personal informa- tion like bank account num- bers, login IDs and pass- words. At the same time, by clicking a link, you may also unknowingly download mal- ware that infects your com- puter and captures your data. "Just because caller ID shows your financial institu- tion is calling, do not provide information such as one- time passcodes or PIN to the caller. Additionally, phony links in emails can be a major threat to your system. If you don't know the sender, a general rule of thumb is don't click any links in the email," says Kohlweiler. Here are a few tricks scammers are using in their phishing attempts: Names of real companies Phishers often use legiti- mate company names and copy the look of official web- sites and emails to fool you. Right now, they're even send- ing out correspondence that looks like it's from the World Health Organization, local governments or other trust- worthy sources. Be wary of unexpected emails from a "company employee" looking for infor- mation. Threats and urgent messages "Urgency is a big red flag. While you may have an urgent need, you should always validate it. If it's in regards to one of your accounts, call the company associated with the account from a number on their offi- cial website, or on a recent paper statement, to confirm if urgent action is needed," Kohlweiler advises. Official-looking URLs Sometimes the URL (web address) will look right, but instead of taking you to your intended website, it will lead you to a copycat website. Check to see if the URL begins with https://, which indicates a site is secure. Most phishing scams won't have a secure website. Never click on a URL within an email; instead, type the offi- cial URL into your browser. Wire transfer requests In these scenarios, a scammer sends what appears to be a legitimate email requesting a wire transfer to cover title, escrow or any number of other costs. Unfortunately, money you transfer as a result of the fraudster's email ends up in the fraudster's bank account - and you're not like- ly to get it back. If you receive such a request, call your financial institution to verify that it has made this request. "Once you know what to look for, you can start to use some best practices to avoid these scams," adds Kohlweil- er. 1. Set up your accounts for success. Using strong passwords (never the same for different sites), setting up transaction notifications and ensuring your contact information stays up to date with your financial institution are all easy ways to enhance your online security. 2. Call and verify. Be sure not to use a num- ber provided in a suspicious email or even in the Caller ID. Use numbers on your statements or policies or from the official website. 3. Look for bad spelling. Phishing emails often have unnatural or incorrect grammar and misspellings. Keep an eye out for grammar and spelling mistakes. 4. Beware of links. It pays to be wary of emails you're not expecting. If you're suspicious of an email, don't click on any links or buttons in the email. Hover your mouse over the link and see if the address that appears matches the link typed in the message. If it doesn't match, don't click on the link, as it could take you to fraudulent websites or download malicious soft- ware. 5. Read your statements. This can help you detect fraudulent transactions faster if your identity is stolen. 6. Increase your security. Consider using a pass- word manager solution to improve your security pos- ture. 7. Use a different comput- er. If you find fraudulent transactions on your account or suspect your info has been compromised, use a different computer to change your passwords. And, make sure you notify your finan- cial institution right away. 8. Keep up with the news. Stay up to date on news of phishing attacks to protect yourself. Anti-phishing orga- nizations, such as Anti- Phishing Working Group, provide lists of new and cur- rent phishing scams. Stay safe from COVID-19 scammers

• Cover