By Krystofer Gardner
Did you notice the new banner on all emails coming from an External (outside of Magleby Construction) source? Unfortunately, as employees we continue to not learn the lesson that if the email doesn’t pass the SNIFF test, it is likely phishy (or a phishing scam).
New Banner Bar
Here is what the new banner bar looks like (below). It is big and red, and reads “[EXTERNAL EMAIL] DO NOT click on links or attachments unless you recognize the sender and know the content is safe.”
This banner bar is a visual reminder to ask a few questions about the validity of the email that is sent before proceeding with opening links, attachments, or entering any type of personal information. If you see this banner, always use the SNIFF test.
SNIFF Test
Ask yourself these questions before proceeding:
- S – Sender – do you know the sender? Is the sender really who they claim to be? (E.g. it says it is from Chad Magleby, but the address is chad1342jk@gmail.com).
- N – Normal – is it normal that the sender would email you, and discuss the topic that was emailed about? If you would normally not receive communication on the topic of the email, why would things have changed? If the email doesn’t seem normal, be suspicious.
- I – Internal – does the sender claim to be someone internally within the organization? If so, why is the “External” banner bar showing? Or does the person claim to know someone internally in the organization? If so, validate with the referenced individual about the validity of the email.
- F – Familiar – are you familiar with the sender? If you weren’t expecting an email from the sender, question the validity of any attachments or links.
- F – Fishy – does anything about the email make you question? Attachments or links should NOT ask for your username or password. If so, IT would be happy to look at it first.
Remember that the consequences of clicking on fraudulent links are massive. Everything from your personal information, to client personal information, to company private information is put at risk when a scammer succeeds at getting you to click on something illegitimate.
Be careful and use the SNIFF test.
For a good review check out these two previously posted articles.
