
Phishing Scam Reported

Updated: May 9


Today one of our members was sent an email that appeared to be from Karen asking for money to help kids with cancer. The email address it was sent from had a photo of Karen in her Star Trek shawl as her profile photo. If you get an email from the church, or from someone at the church, asking you for money or gift cards, please verify it first by calling or texting the person making the request.


Here are five ways to detect email phishing attempts:



1. Check the sender's email address: Be cautious of emails from unfamiliar or suspicious email addresses. Sometimes, phishing emails may mimic legitimate senders, but the email address may have slight variations or misspellings.



2. Inspect URLs before clicking: Hover over links in the email (without clicking) to preview the URL. Ensure that the URL matches the expected website address. Watch out for misspellings or strange domain names that resemble popular websites.



3. Look for spelling and grammar errors: Many phishing emails contain spelling mistakes, grammatical errors, or awkward phrasing. Legitimate businesses and organizations typically have professional communication standards.



4. Beware of urgent or threatening language: Phishing emails often use urgency or fear to prompt action. They may claim your account is compromised or that you need to verify personal information immediately. Legitimate entities usually communicate important matters through secure channels rather than email.



5. Verify requests for personal or financial information: Legitimate organizations rarely ask for sensitive information like passwords, credit card numbers, or social security numbers via email. If you're unsure about the authenticity of an email, contact the company directly through their official website or phone number to verify the request.



HOW THESE SCAMS WORK, WHAT TO WATCH FOR AND HOW TO THWART THEM.  


 While we cannot stop them from coming into our inboxes, we can control how we react to them to protect ourselves and hopefully discourage the scammers from continuing to target our congregation.


How it works:

One of the most successful phishing scams involves a boss, minister, coworker, or friend asking you to go out & buy gift cards. It uses clever social engineering, not advanced technology. Here's how you can spot & avoid the "gift card" scam.


Ask yourself: if your boss/minister/friend wanted to give out gift cards, how would they order those gift cards? Would they send you an email asking you to rush out and buy some, and then ask you to scratch off the backs and email the codes?


Probably not. Yet this exact scenario has become a prolific, and unusually successful, email phishing scam.


The scam goes like this: 

You receive a ‘plain text’ email. The email appears to come from someone you are familiar with. In the email, the sender asks you to buy some gift cards. Note: sometimes they try to get your attention first, with things like "I need urgent help with something today" or "Can you do something for me" or something similar. If you reply, it leads to asking for help in buying gift cards.


Once you tell them you've bought the gift cards, the email asks you to scratch off the gift card backings to display the unique PIN codes and email those codes back to them.

The scammer takes the code, cashes out the gift card in minutes, and vanishes.


This scam has made the rounds since mid-2018. That cybercriminals still use it means it still works.


As scams go, this one's clever. How does it work so well?


  1. It uses a "display-name spoof" – putting a real person's name in the "From" field. (Often either the name or subject is in all CAPS - which is a clue to look for!)

  2. The text of the email reads like the person actually wrote it. We can spot terrible grammar a mile away. Normal grammar, however, doesn't ring alarm bells.

  3. We are a loving congregation, so when we’re given a mission, we are eager to help!

  4. Sometimes the scam uses a time limit, e.g. "Can you do this before end of day?" This creates a sense of urgency, which compels action with little time to think.


DEFEATING THE SCAM IS SIMPLE.

  1. First, hit Reply to the email and check the return email address for the "request." Chances are it's not your boss/minister/coworker or friend's email address. Delete that reply (do NOT send it).

  2. Next, send a separate email to that person asking if they sent the first message. Chances are they didn't.


That's all. One email (or call) and one check, and you avoid a scam that could cost hundreds or thousands of dollars!
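
The check in step 1, together with the all-caps and wording clues listed above, can also be automated. The following is an added example, not part of the original post: the directory of known senders, the addresses and both sample messages are constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed directory (hypothetical names and addresses): the display names
# members trust, mapped to the address each person really uses.
KNOWN_SENDERS = {"karen example": "karen@church.example"}
LURE_WORDS = ("gift card", "are you available", "urgent", "favor", "asap")

# Constructed sample messages, not real mail.
SPOOF = ("From: KAREN EXAMPLE <helper.desk77@mailbox.example>\n"
         "Subject: Request\n\n"
         "Are you available? I need you to buy three gift cards today.\n")
GENUINE = ("From: Karen Example <karen@church.example>\n"
           "Subject: Sunday potluck\n\nSee you at noon.\n")

def check_message(raw):
    """Return a list of warnings for one raw email message."""
    msg = message_from_string(raw, policy=policy.default)
    display, from_addr = parseaddr(str(msg.get("From", "")))
    # A reply goes to Reply-To when that header is present, otherwise to From.
    _, reply_addr = parseaddr(str(msg.get("Reply-To", "")))
    reply_addr = (reply_addr or from_addr).lower()
    subject = str(msg.get("Subject", ""))
    warnings = []
    # Case and spacing are ignored so "KAREN  EXAMPLE" still matches.
    expected = KNOWN_SENDERS.get(" ".join(display.lower().split()))
    if expected and from_addr.lower() != expected:
        warnings.append("display-name spoof: From address is not " + expected)
    if expected and reply_addr != expected:
        warnings.append("a reply would go to " + reply_addr)
    if display.isupper() or subject.isupper():
        warnings.append("name or subject is in all caps")
    part = msg.get_body(preferencelist=("plain",))
    text = (subject + " " + (part.get_content() if part else "")).lower()
    hits = [w for w in LURE_WORDS if w in text]
    if hits:
        warnings.append("lure wording: " + ", ".join(hits))
    return warnings

if __name__ == "__main__":
    for label, raw in (("spoof", SPOOF), ("genuine", GENUINE)):
        print(label, check_message(raw))
```

A message with no warnings is not proof that it is genuine, so calling or texting the sender remains the deciding check.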


We do not know if responding compromises your account in any way - so it's best to not engage with the senders at all if possible. If you are not sure, follow step 2 above and you will never need to worry!


No one from UUNB will EVER ask you to buy gift cards or send money directly via email. We only encourage donations sent directly to the church office, or via our website. We encourage you to double-check with us if you are unsure of a request.


SOME SAMPLES OF THE KINDS OF EMAILS USED IN THE SCAM - IF YOU GET ONE, DEFEAT THE SCAM USING STEPS 1 & 2 ABOVE

Sample 1

Subject: Request...

I need you to do a chore to purchase Google Play gift cards from Target / Safeway or any other nearby store. Let me know when you receive this email for the amount and denominations you are to purchase then look forward to my response.

Director Name, Director.

Sent from my iPhone

Sample 2

Jane, could you please email me back? I need a favor.

Sample 3

Sally, are you available at the moment? I need you to handle a project. Very busy at the moment. Can't talk. Just send an email when you receive this. Thanks.

Sample 4

I need you to pick up three Home Depot gift cards for our project.

Sample 5

Good to hear from you. I need to get three iTunes gift cards for my niece. It's her birthday but I can't do this now because I'm currently traveling. Can you get them for me from any store around you? I'll pay back next week when I get back home.

Sample 6

Sitting in a meeting right now, there is something i need you to do. Let me know when you are available.

Sample 7

Hello, are you available? Please i need your assistance urgently.

Sample 8

Okay thanks, I was hoping you could help me get some Amazon gift cards from the store, I will reimburse you when I’m done with my conference, I need to send it to someone now and it is very important because it’s one of my best friend kid birthday and I fear I may not get it on time myself if I decide to wait it out.

Sample 9

Subject: Are you available?

Are you available ? I need you to handle something for me now, i'm currently in a meeting with limited phone call and also experiencing some difficulties at the moment, just reply my e-mail if you are available.

Thanks

Sample 10

I need you to personally run a task for me ASAP as I am occupied in a meeting at the moment and can't talk but will lookout for your reply  and let me know if you can get this done right now. Thanks

Stay Safe, Friends!


 


