What to do with Phishing Emails
You should have recently received a Constant Contact announcement email from the church office warning about a bogus email that appeared to be from Pastor Jeff that you might have received. This is a common “phishing” email scam (see characteristics below) where you may receive emails that suggest they are from someone you know but they are not. These emails did not originate from Pastor Jeff's church email address but have a "from" address that may appear to be legitimate but is not. Such "phishing" scams may either have a link they want to you click on which may install a computer virus or they may ask for a "favor". If you respond to the email, the scammer may reply back to you to request credit card information or direct you to go buy a gift card for them.
Things to look for (if you are suspicious if the email is legitimate, there is probably reason to be).
Does the wording and context in the email sound like what the person would really write? Is the wording very “generic”? Is there an implied urgency to the request that might sound odd? Would this person really ask you this in this way?
Check the “From Address” to see if it looks legit. Check the "From" email address, not just the person’s name and see if it looks legitimate. For example, any official email from CELC staff should be from an email address with “@christgoodyear.org” at the end (or occasionally “@celc.phxcoxmail.com”).
What to do if you receive such an email that seems suspicious:
Pause before immediately responding and ask yourself if you believe it is really legitimate. Delete the email if you are convinced it is not legitimate. It is also helpful if you make the church office or CELC's IT coordinator (Jim Erickson - email@example.com ) aware of the suspected email if it involves an email that purports to be from CELC.
If you are unsure of it’s legitimacy, don’t reply to the suspicious email directly, but check with the person in another way– phone call, text message, a standalone email (not a reply) using what you know is the person’s real email address.
Definitely avoid clicking on any links in an email where you have concerns about it being legitimate. This can be a way for you to end up with viruses on your computer that you don’t want.
Characteristics of such a phishing email may look something like this:
“Good afternoon xxxxxxx! Do you have a moment I have a request I need you to handle discreetly. I am going in for a meeting soon with no calls so just reply to my email.”
It may have the person’s name who you think is sending the email at the bottom of the email with his/her title. Usually it is from an email address that at a glance looks like it could be legitimate, but is usually not the person’s real email address.
Somehow the scammer has obtained your email address/name and they have determined that there might be a connection between you and the person who they are trying to make you believe the phishing email is from (in this case Pastor Jeff). The scammer in this case is trying to accomplish one of two things:
Engage you to reply and start an email conversation where they can try to convince you to do something that they can take advantage of (such as buy gift cards).
Get you to reply so that the bogus email address is now in your email systems contact list.
Let me know if you have any questions or concerns. If you get any similar emails that look like they might be coming from CELC, please let me know.
CELC IT/Tech Coordinator