They look legit. They appear to come from a trustworthy company and often tell a story that deceives you into clicking a link or opening an attachment. They’re phishing scams that lure you into giving up personal information that can lead directly to your accounts and potentially identity theft.
Phishing scams aren’t new, but they are growing in numbers as scammers take advantage of the coronavirus pandemic. Before you get reeled in, there are steps you can take to protect your accounts.
1. Be aware
Scammers are constantly updating their phishing tactics, especially during COVID-19 — as many Americans receive refunds and stimulus check payments. These scams can reach you via email or even text message. They typically try to trick you into clicking links or providing your passwords, Social Security and account numbers. If successful, they can gain access to your bank and other accounts and steal money or your identity. However, there are ways to spot a scam:
- Look for spelling or spacing mistakes in the text of the message.
- Compare the “from” address (or URL) to the legit company to see if any additional numbers or letters have been added in the subdomain. For example, if you receive an email and it directs you to “website.com.alert.confirmation-manager-6584457.com”, the additional content after website.com is an indicator that it is not a safe website.
- Be cautious of requests stating your account needs updating, that there’s been suspicious activity detected or there’s a problem that you need to fix.
- Verify that the logos and “feel” of the message match other legit messages you have received in the past.
2. Protect your identity
Always keep your Social Security cards and other important documents confidential and in a secure place. Never provide your Social Security number or other private information, such as your debit cards, on a phone call or online communication that you did not initiate.
3. Be smart about your passwords
Strong passwords contain 10 or more characters and a mix of letters and symbols. For example, if your password is “July2020”, it can be easily guessed. Instead, try “jUly@)@)2020”, which is stronger and more difficult to hack. Use a different password for each account and update them every three to six months. Be very cautious with whom you share your passwords — a good rule of thumb is to never share a password with someone you do not know.
4. Monitor your account
Check your account balance and bank statements each month to detect discrepancies, fraudulent or unauthorized activity. Report any suspicious findings immediately by calling Customer Service or the number on the back of your Optum Bank debit Mastercard®. For example, at Optum, if you identify and report unauthorized activity within 60 days of issuance of a statement, you may not be held liable in accordance with the Optum Bank Card Holder Agreement. For your ease and convenience, you can manage your Optum Bank accounts online and on the app.
5. Report suspicious activity
If you detect unauthorized activity on your Optum Bank health account or receive a suspicious communication that appears as if it is from Optum Bank, call the number on the back of your card. You may also review this page developed and maintained by the Federal Trade Commission (FTC) for fraud issues related to COVID-19, including common scams, where to report them and security tips.
How Optum Bank protects your account
Protecting your personal information and identity is important. At Optum Bank, we work hard to ensure your accounts stay safe and secure at all times. We perform routine monitoring to detect suspicious and unauthorized activity on your account and Optum Bank debit Mastercard®. However, some unauthorized activity can appear legitimate and not be detected. You are ultimately responsible for regularly monitoring your account and promptly reporting any unauthorized activity. We will never reach out to you over the phone or via email to request sensitive information, such as address, birthdate, Social Security number, PIN or debit card number.
We require complex passwords using uppercase and lowercase letters and symbols to keep your account secure. We use encryption to protect your information, including your username, password and account details. And, you are automatically signed out of your online account after a predetermined amount of time.
For additional information on account security, please visit Optum Bank.
About the Author
Barb Page is the vice president of marketing for Optum Financial Services (OFS). In this role, Barb is responsible for the marketing strategy and execution for OFS and Optum Bank. She brings over 30 years of financial services experience and health care expertise to the marketing arena for Optum. Barb has a master’s degree in business communications and a master of science in health care leadership.
About Optum Bank
Optum Bank is advancing the way we save and pay for qualified medical expenses, connecting the worlds of health and finances in ways that no one else can. Optum Bank is the No. 1 provider of health savings accounts (HSAs), managing 5 million HSA member accounts and over $11 billion in assets. By developing proprietary technology and applying advanced analytics in new ways, Optum Bank helps reduce costs while guiding people to the right care. Optum Bank, Member FDIC, is solely dedicated to health care banking with more than 10 years of experience managing health savings accounts. Health care and finance is in our DNA.