Email Scam Spoofing Alert

Exercise caution when reading emails asking for private information

Recently we’ve had clients receive several emails claiming to be from Microsoft trying to resolve some issue, with a link requesting for the recipient’s login information. This is a classic example of email spoofing, which is the forgery of an email header so that the message appears to be from someone recognizable such as Microsoft or some other organization. This tactic is used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. Their goal is to phish for your data such as login information or credit card numbers, but luckily there are several steps you can take to protect yourself:

  1. Never click unfamiliar links or download unfamiliar attachments, especially ones that you are not expecting. (Go to your bank’s, cable company’s, or other website directly and log in to find what they want you to see)
  2. Turn up your spam filters, which can filter out messages that may have slipped through an SPF check.
  3. When a suspicious email comes in, open the header and look at the IP address of the sender to see if it matches up with previous emails from the same person.
  4. Use your primary email account to communicate only with people you know and trust. Use a throwaway email when sharing an email address with a website or posting in an online forum.

Keeping you and your employees informed about spoofing and prevention should be a top priority, as it only takes one person to expose the entire company network. Contact us at RIT Company if you have any additional questions or concerns.