Cybercriminals use any opportunity they can to take advantage of unassuming people. The COVID-19 pandemic is no exception. As the world increasingly relies on the Internet, hackers relentlessly target consumers and businesses with phishing emails.
What are phishing emails?
“Phishing” is defined as “the practice of using fraudulent e-mails and copies of legitimate websites to extract financial data from computer users for purposes of identity theft.”
With the proliferation of online businesses, online banking, online shopping, and more, hackers are spoofing legitimate websites and sending emails that seem like real companies sent them.
Sometimes fraudsters will pair the phishing email with a phone call posing as a trusted person. They will call to say they just want to confirm you received their email, then ask you to click on the link. Be aware of this tactic.
Phishing email tactics
There are many phishing schemes, and fraudsters are constantly inventing more. It is important to stay updated on the latest scams. We have some recommended resources to do so at VantageWest.org/FraudCenter. One resource you will see there is the Federal Trade Commission’s (FTC) website. Here are several phishing tactics to watch for.
Often, fraudsters will create a sense of urgency by claiming that your account is locked and you must log in to access your account (whether it’s an online shopping, online banking, online medical portal, or another kind of account). They’ll include a link to log in, which takes the victim to a fraudulent website that steals their login information. Then the scammers can access the victim’s account and drain their funds and steal their identity.
Another phishing approach is to impersonate a trusted person in your life. The scammer may claim to be a family member, loved one, boss, or colleague. Always check the sending email address to confirm if it truly is your trusted person. If you have any doubts, use another communication method – like calling, text messaging, or social media – to reach your loved one and ask if they were really the one who emailed you.
Hackers will sometimes pose as technical support for your computer or other device. They will ask you to click on a link to give them access to your computer so they can help you fix it. Never give access to your computer to an unsolicited tech support agent.
Please remember that Vantage West will never ask for access to your computer or device screen. Nor will we ever request your online banking login information, PIN, or credit/debit card information. If someone asks for these, we recommend deleting the email and marking it as “junk” or “spam” in your inbox immediately.
We urge you to always use caution with any email that asks you to click a link or provide personal information. Below are more tips to protect yourself against fraud. We also have additional blogs like this, and examples of the latest phishing emails our Members and Security & Fraud team have reported, at VantageWest.org/FraudCenter. Please check this page frequently.
What you can do to protect yourself
1. Be skeptical and do not respond to a suspicious email or click the link, even if it appears to come from a trusted organization like Vantage West. To confirm the validity of any Vantage West email, please take a screenshot of the email and send it to Member.Service@VantageWest.org.
2. Do not let yourself be pressured into clicking on the link in any email. Scammers will often say a variation of one of the following:
- They have noticed suspicious activity on your account and tell or ask you to log in
- A deposit was made to your account, which was approved by your financial institution as a COVID-19 remedy, so you need to log in
- Your account has been restricted or flagged, so you need to log in
- You must confirm your identity by logging in
- A temporary hold was placed on your account, so please log in
3. Prior to clicking on any email links, hover over the link to identify which site it is directing you to. Often, scamming website addresses will be a jumble of letters and numbers. For example, you know Vantage West’s website is VantageWest.org. So if the website address in an email claiming to be from Vantage West asks you to log into any website other than VantageWest.org, you know it’s a phishing email. Use the same logic for any email from any person or organization asking you to click on a link. In this example, we would recommend simply typing VantageWest.org into your browser.
4. Do not enter personal information into any site that an email has directed you to. Instead, go directly to the website you normally access, that you know is legitimate.
5. Pay attention to spelling mistakes. Phishing emails often – though not always – contain typos and grammatical errors.
6. Never provide your online banking username or password, or credit card or debit card information to anyone.
7. Regularly update your devices with virus protection and intrusion prevention software. Consider setting this software to automatically update on all devices.
8. Report any suspicious Vantage West emails to us by taking a screenshot of the phishing email and forwarding that image to Member.Service@VantageWest.org.
9. If you clicked on a link and gave out your personal Vantage West information, immediately update your username and password and contact us at 800.888.7882. We recommend that you familiarize yourself with the warning signs that accompany email scams. For additional information, including samples of some of the latest scams we’ve seen, visit our Fraud Center at VantageWest.org/FraudCenter.
We are constantly working to protect you and share important updates like this so you can protect your identity, accounts, and other information. Stay safe, be vigilant, and remember that we are here for you!