SPAM and Phishing Email Messages – BE SMART, BE AWARE!
Recently, an email was went to a handful artists with the subject “Harley Needs Help” or “Help Nick Recovery.” (Note the grammar with the word recovery?) Several people contacted the FAA to see if this was true. Inquiring about the email was the BEST THING these individuals did, as Harley or Nick doesn’t need help – these messages were SPAM.
Here are ten tips that we would like to share regarding SPAM and Phishing email messages:
Tip 1: Don’t trust the display name
A favorite phishing tactic among cyber-criminals is to spoof the display name of an email. Spoofing is where an email name or email address looks like it’s coming from a branded company or someone you may know, but the sender is really a criminal. Hover your mouse over the email address in the header of the message — if looks suspicious, don’t open the email.
Tip 2: Look but don’t click
Hover your mouse over any link in the body of the email. If the URL address of the link is long, encrypted, or just looks weird, don’t click on it.
Tip 3: Check for spelling mistakes
Legitimate messages usually do not have spelling mistakes or poor grammar.
Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” Legitimate businesses will often use a personal salutation with your first and last name.
Tip 5: Don’t give up personal information
Legitimate banks and companies will never ask for personal credentials, passwords, or anything that would raise an eyebrow in an email.
Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your “account had an unauthorized login attempt.”
Tip 7: Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact information.
Tip 8: Don’t click on attachments
Malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.
Tip 9: Don’t trust the header from email address
Fraudsters not only spoof brands in the display name, but also spoof brands in the email address and body of the message. The email from “Harley Needs Help” looks like it came from “Folsom Arts Association firstname.lastname@example.org,” but the FAA DID NOT SEND THIS. Please note that the FAA would never, ever solicit help for money, especially in an email.
Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Just because an email has a convincing brand, including logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email – if it looks even remotely suspicious, delete it.
If you’re not sure that an email is valid, please ask someone before clicking any links, responding with any personal information, and especially, giving anyone money.
Scammers and phishers also come in the form of telephone calls. Scammers and phishers do their homework before they call and most likely already know your name and perhaps some personal information about you. They’ll ask questions which prompts you to give them information before you realize you’ve given them more than you wanted to.
Be Smart, Be Aware!
When in doubt, ask someone!
For questions, contact Folsom Arts Association