Employees Fallen Prey
In the last 30 days, Magleby has had THREE employees fall for phishing email scams. It’s been both personally and professionally frustrating for them, incredibly time consuming to resolve, and even a little embarrassing to have to explain how it happened. Don’t let it happen to you!
Phishing is an identity theft scam targeted to folks that use email or texting. Phishing tricks victims into giving up personal, business, or sensitive information that can be used to steal the victims identity, raid their bank accounts and more.
The slimy crooks that send phishing emails/texts use fake but VERY AUTHENTIC looking emails and websites to convince their prey to supply information they then use to MAKE LIFE HELL! Fake emails could look like they are from your bank, your email service provider, PayPal, Google, law enforcement, your credit card company, Amazon, and more. BEWARE AND PROTECT YOURSELF!
Three Types of Phishing Emails
How Do You Know?
If you take just a bit of time, you’ll be able to easily identify a phishing scam.
- What’s the email address? – Don’t just look at what name comes through but also hover over or click on the email address to verify it’s legit. For example: Chase Bank <firstname.lastname@example.org> Notice the domain is @jp.ne.ocn? An email from Chase Bank would have a chase.com in the domain, i.e. Chase <email@example.com>
- How’s the grammar and spelling? – If there are a lot of grammar and/or spelling mistakes, it’s a sign that it’s phishing. If the language or how the sentences are formed sounds foreign, it’s a sign it’s phishing.
- Who’s it addressed to? – Emails addressed to “Dear Friend” or “Dear Customer” is a sign it’s phishing. Most legit companies would have a more personal greeting.
- Who signed it? – If it’s legit, it’s likely to include contact information for the sender, such as an email address and/or phone number.
- Are there links? – Do not click on them! Hover your mouse over the link and see where it’s pointing to. If it looks fishy, it’s phishy.
- What’s attached? – Scammers embed viruses and malware in attachments. Open them and you’ve fallen prey!
Don’t fall for threats or intimidation. And don’t give personal information. Scammers will often claim that you are in trouble or that if you don’t respond you’ll be in trouble. You’re not! But you will be if you fall for it!
After Disaster Strikes
If you find that you’ve clicked a link or opened an attachment you shouldn’t have and now your “hooked” by the phisher, get IT involved immediately. You’ll be required to change nearly all passwords tied to your email account. You may have to reach out to all of your contacts to explain that the email sent by “you” was not them. You may be locked out of your device for one to two days while IT runs diagnostics to understand how intrusive the scam was and if any company data was compromised.