Ideas & Insights

Staying Safe: Protect Yourself from Scams

Security Center 3/26/2020 10:06:22 AM

Fraudsters never stop. In fact, many cybercriminals are using the current world health situation as an opportunity to provoke fear and take advantage of unsuspecting people. Sunflower Bank wants to help keep you safe, so we’ve prepared some tips to keep in mind as we navigate this together.

Pandemic-related emails on the rise

As online users, we are all seeing a dramatic increase in the amount of coronavirus-related communication. Subsequently, fraudsters are exploiting this pandemic to find more phishing victims. “Phishing” is the term used to describe a fraudulent attempt (usually through email) to steal sensitive information, get money, or get the user to download something. Fraudsters design emails to look like coronavirus information—hoping that users are too distracted and overwhelmed with COVID-19 communications to notice the difference. Although most of the pandemic emails from companies are legitimate, you must take extra caution at this time and delete anything that doesn’t seem “quite right.“

Coronavirus phishing examples

Be wary of emails that claim to be from official agencies. Some recent examples are below.

CDC alerts: Cybercriminals are sending emails that claim to come from the U.S. Centers for Disease Control. The email tries to get you to click on a link about coronavirus cases in your area. “You are immediately advised to go through the cases above for safety hazard,” the text of one phishing email reads.

Health advice emails: These emails offer purported medical advice to help protect you against the coronavirus. “This little measure can save you,” one phishing email says. “Use the link below to download Safety Measures.” A file is attached that contains malware.

Employer policy emails or messages from a Benefits Provider: These emails target workplace or personal email accounts. One phishing email begins, “All, Due to the coronavirus outbreak, [company name] is actively taking safety precautions by instituting a Communicable Disease Management Policy.” When users click on the fake company policy, they download malicious software.

Tips for recognizing scams

  • Beware of unknown phone numbers or suspicious text messages.  There are no “free” coronavirus tests – an official test would only be offered or performed in a medical facility by medical professionals. 
    • A text message may claim that the government is ordering a mandatory quarantine or instruct you to go out and stock up on supplies.
  • Beware of any contact representing themselves as representatives of a government agency such as the World Health Organization (WHO) or the National Security Council – these agencies would never reach out to you directly, rather, they would inform the public through their own authorized website or legitimate news media sources.
  • Beware of online requests for personal information. Legitimate government agencies are not sending out emails asking for personal information, Social Security numbers, passwords or bank account information.
    • Check the email address or link. On a computer, you can inspect a link by hovering the mouse pointer over the URL. Sometimes, it is obvious the web address is not legitimate, but keep in mind that cybercriminals can create links that closely resemble trusted websites. Look closely!
    • Watch for spelling and grammatical mistakes. If an email includes spelling, punctuation or grammatical errors, it is probably a phishing email. Delete it.
    • Look for generic greetings. Phishing emails are unlikely to use your name. Generic greetings like “Dear sir or madam” are warning flags that an email is not legitimate.
    • Avoid emails that insist you act now. Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information right now. Instead, delete the message.
  • Stay Up-to-Date. Look to reliable websites like the Federal Communication Commission (FCC) for examples of the latest scam warnings and safety tips.

When in doubt, throw it out – or hang up!

Government agencies, medical centers, financial institutions and other legitimate companies do not send unsolicited emails, make phone calls, or send text messages that ask you to reveal personal information. The best advice is to delete any email or text message, or hang up on phone calls, that feel suspicious.

We are all learning how to adjust and adapt to the current situation as it unfolds. Sunflower Bank is proud to be a financial partner to our customers, and want you to stay safe online and in your home as we work through this together. Visit our Bank at Home FAQ page for more information on accessing banking services from your computer or mobile device.