Fraud Awareness banner 2

Protecting Yourself Against Identity Theft and Fraud

As the COVID-19 pandemic continues to escalate, fraudsters are taking advantage of these vulnerable and uncertain times to steal personal data and financial information. Please exercise extreme caution when opening emails and clicking on links, and do not provide personal information requested over the phone, by email, or through unfamiliar websites. It is important to stay vigilant during these times to protect yourself and your family. Here are some examples of scams to be on the lookout for:

Phishing

Phishing is a type of social engineering attack that is often used to steal user data.  Such attacks use email, texts, or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses. A malicious email can look like it came from a financial institution, an e-commerce site, a government agency or any other service or business.  These communications often urge you to act quickly, claiming that your account has been compromised, there is limited supply of your merchandise, government benefits may be restricted if you do not respond or there is an urgent matter to address.

 

phishing

Social Engineering

Social engineering scams use psychological manipulation to convince you to divulge confidential information. They ask you to send money immediately or provide personal information over the phone, by email or text. Be extra vigilant when receiving communications offering vaccines or treatments, medical testing or alerts about critical supply shortages. Fraudsters are calling to schedule Coronavirus tests and collecting credit or debit card and other personal information for copays or other out-of-pocket expenses.

Malicious Websites

Malicious websites have been identified, offering maps or statistics related to COVID-19 that ask you to share personal information to register or download malware to your computer.

Charity Scams

Charity scams may consist of requests for donations to unknown but seemingly legitimate groups for COVID-19 related assistance. For your security, give to established, well-known organizations and always visit the organization website directly.

Imposter Scams

Imposter Scams may consist of individuals claiming to be with a government agency such as the IRS or Health Department, requesting your personal information such as name, date of birth, social security number and mailing address in order to send out a stimulus check.  Do not share personal information. 

Tips to Protect Yourself

  • Never open attachments or click on links within suspicious or unexpected emails, text and social media messages.
  • When receiving emails, pay special attention to the email addresses.  Email addresses can be modified by adding or removing a letter or number to trick you into believing it is from a legitimate party.  Be wary of emails that contain multiple spelling mistakes and grammatical errors.  If the email looks legitimate, try going to the sender’s website directly to validate the legitimacy. 
  • If an email asks for donations, do not provide payment information. If you wish to donate, go directly to the organization’s website to see how you can help. Verify the authenticity of any website before making a purchase or donation. 
  • If you receive strange texts from parties that you do not have any personal or business relationship with, do not respond.  If you receive a text from your Bank that you do not regularly receive, contact the bank directly to verify the legitimacy of the text. 
  • Before sending or entering sensitive information online, check the security of the website. Make sure the site’s URL begins with “https” and ensure there is a closed lock icon near the address bar. You should also check for the site’s security certificate. If you get a message stating a certain website may contain malicious files, do not open the website.  Lastly, pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
  • Review your accounts (bank and credit) on a regular basis to identify unauthorized transactions timely.  Report unauthorized transactions immediately to your financial institution.
  • Change your account passwords regularly combining numbers, upper and lower case letters and symbols to prevent unauthorized access to your account. Consider using a phrase that only you would know.
  • Use anti-virus solutions to protect you and your computer from hackers and phishers attempting to infiltrate your computer.  
  • Be wary of Pop-Ups.  Pop-Up windows often masquerade as legitimate websites when they are really phishing attempts.

Remember that BankUnited will never call, email, or text you asking for your social security number, account number, credit/debit card information or other personal information.

For more information on common scams targeting bank customers, click here.