SPAM and Phishing Email Messages – BE SMART, BE AWARE!
Recently, an email was sent to a handful of artists with the subject “Harley Needs Help” or “Help Nick Recovery.” (Note the grammar with the word recovery?) Several people contacted the FAA to see if this was true. Inquiring about the email was the BEST THING these individuals did, as Harley or Nick doesn’t need help – these messages were SPAM.
Here are ten tips that we would like to share regarding SPAM and Phishing email messages:
Tip 1: Don’t trust the display name
A favorite phishing tactic among cyber-criminals is to spoof the display name of an email. Spoofing is where an email name or address looks like it’s coming from a branded company or someone you may know, but the sender is a criminal. Hover your mouse over the email address in the header of the message — if it looks suspicious, don’t open the email.
Tip 2: Look but don’t click
Hover your mouse over any link in the body of the email. If the URL address of the association is long, encrypted, or looks weird, don’t click on it.
Tip 3: Check for spelling mistakes
Legitimate messages usually do not have spelling mistakes or poor grammar.
Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” Legitimate businesses will often use a personal salutation with your first and last name.
Tip 5: Don’t give out personal information
Legitimate banks and companies will never ask for personal credentials, passwords, or anything that would raise an eyebrow in an email.
Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines claiming your “account has been suspended” or your “account had an unauthorized login attempt.”
Tip 7: Review the signature
Lack of details about the signer or how to contact a company suggests phishing. Legitimate businesses always provide contact information.
Tip 8: Don’t click on attachments
Malicious attachments that contain viruses and malware are a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.
Tip 9: Don’t trust the header from the email address
Fraudsters not only spoof brands in the display name, but also spoof brands’ names in the email address and body of the message. The email from “Harley Needs Help” looks like it came from “Folsom Arts Association firstname.lastname@example.org,” but the FAA DID NOT SEND THIS. Please note that the FAA would never solicit money help, especially in an email.
Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Just because an email has a convincing brand, including logos, language, and a seemingly valid email address, does not mean it’s legitimate. Be skeptical about your email – delete it if it looks even remotely suspicious.
If you’re unsure that an email is valid, please ask someone before clicking any links, responding with any personal information, and, especially, giving anyone money.
Scammers and phishers also come in the form of telephone calls. Scammers and phishers do their homework before they call and probably already know your name and perhaps some personal information about you. They’ll ask questions that prompt you to give them information before you realize you’ve given them more than you wanted.
Be Smart, Be Aware!
When in doubt, ask someone!
For questions, contact Folsom Arts Association