Don't be FOOLED!!
TMHI board members will never email you asking for you to purchase them gift cards!!
These emails usually come under disguise as one of our board members, but if you look closely at the actual email address it is not OURS.
Here are some helpful tips to not fall victim to these scammers:
What
Might be a Phishing Message?
A phishing message is an email or text that appears to be from a
legitimate source, but is actually sent by threat actor with malicious intent.
Phishing messages can be sent through emails, websites, text
messages or even through social media. These messages are often designed to
appear like legitimate communications from banks, government agencies, online
services providers or other organizations.
How
to Spot Email Phishing
The first step in how to spot email phishing comes with
understanding what a phishing email is.
The most accurate definition of a phishing email is an email sent
to a recipient with the objective of making the recipient perform a specific
task. The attacker may use social engineering techniques to make their email
look genuine and include a request to click on a link, open an attachment, or
provide other sensitive information, such as login credentials.
Socially engineered phishing emails are the most dangerous. They
are constructed to be relevant and appear genuine to their targets. The recipient
is more trusting of the email and performs the specific task requested in the
email. The results can be devastating. If the recipient clicks on a link to a
malware-infected website, opens an attachment with a malicious payload, or
divulges their login credentials, an attacker can access a corporate network
undetected.
7 Tips to Help Spot it:
1. Emails Demanding Urgent Action
Emails threatening a negative consequence, or a loss
of opportunity unless urgent action is taken, are often phishing emails.
Attackers often use this approach to rush recipients into action before they
have had the opportunity to study the email for potential flaws or
inconsistencies.
2. Emails Stating “Don’t call me”
As these threat actors are pretending to be someone
else, they don’t want you calling the actual person, they will tell you things
like “I have limited cell connectivity today, so just email me”. Once you
respond to the email they will request you to take actions that will cost you
money i.e., purchasing gift cards etc.
3. Emails with Bad Grammar and Spelling
Mistakes
Another way to spot email phishing is bad grammar and
spelling mistakes. Many companies apply spell-checking tools to outgoing emails
by default to ensure their emails are grammatically correct. Those who use
browser-based email clients apply autocorrect or highlight features on web
browsers
4. Emails with an Unfamiliar Greeting or
Salutation
Emails exchanged between work colleagues usually have
an informal salutation. Those that start “Dear,” or contain phrases not
normally used in informal conversation, are from sources unfamiliar with the
style of our interactions should arouse suspicion.
Stay Safe!
TMHI Board of Directors