When receiving an email, hover your cursor directly over the link without clicking it and read the text that pops up to see the intended destination. Look for things like misspellings.

Be careful what you download. Never open an email attachment from someone you do not know and be wary of email attachments that are forwarded to you.

Be suspicious of emails or text messages marked “urgent.”

Be careful about sharing personal information, such as social security numbers, online and on social media.

Check that the actual email address matches the organization they claim to be from.

Access the official website, phone number, and email to re-confirm official information.

Check for poor spelling or grammar and confirm that logos are official.

Cyber

Activate multi-factor authentication on your accounts. A password isn’t enough to keep you safe online any longer. Use multi-factor authentication when you can. A second identification layer, such as entering a code sent via text message or email, can help the service provider verify logins.

Update your software. Bad actors take advantage of system flaws, so updating your device’s operating systems and applications is important.

Do not click. More than 90% of successful cyber-attacks start with a phishing email. Once they have your information, they can use it on legitimate sites. They may also try to get you to run malicious software, also known as malware. If it’s a link you don’t recognize, trust your instincts and don’t click. Suspicious texts will also often contain dangerous links.

Use strong passwords. Be mindful of password storage, complexity, and usage. Make sure your passwords are unique, use a combination of letters, numbers, and special characters, and are case sensitive.

Phone

If you are contacted by someone claiming to be from the government or military, there are some red flags to watch out for that may indicate that you are being scammed, such as:

  • Unsolicited computer-generated voice calls asking you to press a number to speak with someone are almost always a scam. Hang up on these types of calls.
  • The caller asks for personal information, like your Social Security number, mother’s maiden name, or bank account information.
  • The caller claims to be from a government agency, like the IRS, VA or Social Security Administration or warns about an issue related to your Social Security number or other personal information.
  • They demand immediate payment, often through payment app or service, gift cards, prepaid debit cards, wire transfer, cryptocurrency, bank transfer or payment, money order, or encourage you to move your money to a “protected” bank account.
  • The caller threatens to arrest you or have your utilities cut off if you don’t pay.
  • The caller claims you will face legal action unless you do what they say, which often involves payment or transferring money.
  • If you get an inquiry from someone who says they represent a company or government agency, hang up and call the phone number on your account statement or on the company’s or government agency’s website to verify the authenticity of the request. You will usually get a written statement in the mail before you get a phone call from a legitimate source, particularly if the caller is asking for a payment.

Immediate Actions

If you think you are the victim of an imposter scam, it is important to act right away to protect yourself and your finances. Here are some steps to take if you think you have been scammed:

  • Stop all contact with the individual(s) who contacted you.
  • Save all information or messages about the individual(s) who contacted you pretending to be in case you need to take legal action.
  • If you provided financial information, like your credit card number or bank account information, contact your bank or credit card company right away. They may be able to help you cancel the transaction or get your money back.
  • If you sent funds via gift card or money transfer, report the scam to the issuer. They might be able to help you stop the transaction. Find their contact information by visiting their website.
  • If you provided personal information, like your Social Security number, you may be at risk for identity theft. Visit the Federal Trade Commission’s Report Identity Theft website to report identity theft and get a recovery plan.
  • Keep an eye on your credit report and financial accounts for any unusual activity and consider placing a freeze on your credit.
  • Consider adjusting your mobile settings to block spam calls, texts, and emails.

Identification

  • Use additional security measures such as multi-factor identification, which requires two or more proofs of identity to grant you access.
  • Don’t share your login information over the phone or via email with others.
  • Set up electronic access to all financial accounts. You can set alerts to text you with each transaction, so you can track activity, as well as other alerts. Use an app to access if possible because it has more encryption and other protections. You don’t have to wait a month or a quarter to review your account activity.
  • Don’t deposit VA benefits directly into a family member or caregiver’s bank account unless the person is court appointed or a VA appointed fiduciary.
  • To protect yourself now against future identity fraud, add a fraud alert to your credit reports. A fraud alert requires a lender to contact you before opening a new account in your name.
  • If you are uncomfortable with a call from someone claiming to be from the VA, hang up, and call 800-698-2411 or your local VA facility to confirm whether the call was legitimate.
  • Vary your login information.