Dear Friends, please be vigilant when it comes to phishing scams in email and text.
A phishing scam is a type of cyberattack and fraud where attackers impersonate a trustworthy source to trick victims into revealing sensitive personal information, such as usernames, passwords, credit card numbers, or bank details. Using deceptive emails, websites, or text messages that create a sense of urgency or fear, scammers aim to steal this information for identity theft, financial gain, or unauthorized access to computer systems.
We received word this morning that an email is going around pretending to be Rev. Harris. These can be very convincing, and the people who are sending them want to trick you. This is not just happening to Rev. Harris. Unfortunately it is a commonplace scam across all industries and many leaders of Congregations and Organizations have this happen regularly due to their photo, title, and general information being available publicly.
We have not been “hacked” and no one is sending these messages through our accounts/servers. The perpetrators are just pretending to be the sender, in this case Rev. Harris, through their own forged accounts. There are many ways people can get contact information for people they know to be connected. Especially for Church and Non-Profit folks who are more generous with their availability.
Some red flags to watch out for:
- Is the message coming from an email or number you don’t have for the person contacting you?
- Are they asking for money in any sort of way? ESPECIALLY in gift cards or some form of electronic currency.
- Are they saying that they have an urgent need but are mysteriously only available through the way they contacted you? (If someone is actually having an emergency, they certainly could step out of a meeting.)
- Take a moment and ask, why would they be contacting you and not someone else?
- Are they speaking in a way that is not typical for the person. More formal? Strange sentence structure? For us specifically, are they using religious language that in no way is common for the Christian Church (Disciples of Christ)?
If you get a message that you aren’t sure about, ALWAYS contact that person directly and separately through an email or number that you already have for them and know to be correct. Do not engage with the phishing email as that just confirms to that person that the contact is valid and they will most certainly try again. Report and block all phishing communications.
Unfortunately, there’s no easy fix to all of this. We are blessed to have many generous and kind-hearted donors and we want to do our part to help you safeguard yourselves so you can continue to support vital and life-changing ministries. These scammers prey on trusting individuals and are constantly finding new ways to contact and scam people. The best defense is YOU being aware and vigilant.