How to Stay Safe and Secure Online This Year

From working from home to distance learning, many of us are online more than ever before due to the global pandemic. With more time online comes more risk of scams, identity theft and fraud. Our Information Security and Fraud teams recommend the following tips to stay safe and secure online, all year round.

COMMON SCAMS
Scammers are constantly becoming more deceptive and savvy. If you think you may have been scammed, or one of the situations below sound familiar to you, contact your financial institution immediately. Tell them about your situation and any information that might be compromised. You can request to block or close your accounts to help protect you from financial loss.

Romance Scams
In 2019 alone, more than $201 million in losses due to romance scams was reported to the Federal Trade Commission (FTC). Scammers create fake profiles on dating sites and apps, or contact individuals through social media sites like Instagram and Facebook. They start a relationship with their victim online and build trust using phone calls, email, text message, and sometimes even video chat. Then they make up a story, and ask for money, or ask you to give them your banking information. Some common stories are listed below to help you identify if you are a victim of this kind of scam:

• Living or working overseas and is “stuck” (oil rigger, military, doctor) without access to a US bank account
• Needs funds to come home, pay for a plane ticket or other travel expenses
• Is in the hospital, or someone close to him/her is in the hospital and needs help
• Has the money but can’t access it currently and will “pay you back” soon
• Needs to pay customs fees to retrieve something
• Needs to pay for a visa, or other official travel documents

Click to see full infographic from the Federal Trade Commission

Get Rich Scams
Money mule scams involve a scammer sending you money which you are then asked to send on to someone else. Sometimes you are told you will get to keep a portion of the money. But the money they sent is stolen, and the story they are telling you is fake. These types of scams can take many forms. Below are a few examples:

• A letter, email, or text saying that you have won the lottery (i.e. - Publisher's Clearing House) and need to send money to pay taxes on it before the winnings are released to you.
• A request for you to be a mystery shopper or do some other kind of job, where you will be paid, but the payment you receive is for more than the amount you are owed. You are asked to send the extra funds back to the fraudster or to someone else.
• Selling an item on Craigslist or some other website, and the purchaser sends you more than the cost of the item. You are asked to send the extra funds back to the scammer, or to someone else.
• Sent money and asked to purchase gift cards (i.e. - Amazon, Wal-Mart, Longs, iTunes, etc.) and either send the gift cards or a picture of the card information back to the fraudster or to someone else.

Click to see full infographic from the Federal Trade Commission

Government Official Scams
These types of scams happen when someone claiming to be some sort of “official” contacts you and claims that you owe money. These scammers often say they are affiliated with the government or some other sort of official in a position of power to scare you into giving them money or your banking information. They may claim to be an attorney, Certified Public Accountant (CPA), or part of the Federal Bureau of Investigation (FBI), Honolulu Police Department (HPD), or Internal Revenue Service (IRS). These scams are sometimes done via phishing email, phone calls or text messages.

HOW TO AVOID BEING SCAMMED
There are a number of ways you can protect yourself and others from being scammed. Remember, you should never share: login credentials, including usernames and passwords, your Debit Card Pin Numbers, or any Secure Access Codes (One-Time Passcodes) with others. Here are a few tips to avoid being scammed:

• Look for Phishing: Take a close look at your emails before opening or responding to them to avoid phishing scams. The most common threat vector for attackers is a phishing email. Remember to think before you click. Don’t click on links from unknown sources. Check for phishy email addresses (e.g. john@amazon.net) and don’t open random attachments. If a deal or offer seems too good to be true, it probably is.
• Protect Your Devices: Protect yourself from cyberattacks by separating your work and personal devices. This minimizes the risk of an attack reaching your workplace, or vice versa.
• Double-Check Domain Names: Make sure you visit sites that have “https://” or a lock symbol in the browser. These sites are protected. Use the correct URLs for websites you are visiting. One of the top threats currently is cybersquatting, where cybercriminals register domain names which appear related to be existing domains or brands with the intent of profiting from typing mistakes.
• Beware of Formjacking: Keep an eye on your credit card statements to catch formjacking attacks and other suspicious activity. Formjacking is when cybercriminals inject malicious code to hack a website and steal credit card details and other personal information from payment forms captured on the “checkout” page. Check your statements regularly and use a credit card or prepaid gift card when making purchases online. This ensures a quick resolution in the event that a cybercriminal gets the card information and makes or tries to make a purchase. With prepaid gift cards in particular, it also limits the amount of money a cybercriminal has the potential to steal. Consider not storing your payment information for one-time purchases.

For more tips and information, visit our Information Security, Fraud & Privacy Hub.