In the recent weeks there has been many phishing emails circulating from the FTC, Paypal and Facebook just to name a few. Such scams try to fool people into giving away names, addresses, phone numbers, email addresses, passwords and other personal data by sending emails that look as if they were sent from a legitimate company, especially ones we deal with on a frequent basis. This type of phishing emails normally include a link that takes them to a fake site mimicking the real company website by entering personal data which can compromise computers and be used for fraud.
There is a Phishing Malware circulating which uses social engineering tactics. Hackers know what sites you typically visit and will create emails emulating those merchants or sites. For instance, you frequent your bank’s website. The hackers then send you emails emulating your bank.
A fictitious email has been circulating that states it’s from the FTC (Federal Trade Commission). The email says there’s a complaint against your business and includes a link and an attachment that downloads a virus known as a “Trojan Horse”. Here’s one example of what the phony email said:
“This notification has been automatically sent to you because we have received a consumer complaint, claiming that your company is violating the CCPA (Consumer Credit Protection Act). According to our policy, we have initiated a formal investigation before taking legal action. You can download the document containing the complaint and the plaintiff contact information, from…” followed by a link.
The email has the FTC seal, the web address and it appears to come from an FTC email address. If you hover over the hotlinks, some may be valid yet others actually send you elsewhere…to the scammer. The FTC advised if you get an email like this, do not open it. It’s important NOT to click on the links or open any attachments.
Government impostors aren’t just impersonating the FTC. If you get an unexpected email that says it’s from the government and asks you to click on links, open attachments, or share personal information, don’t do it. Even if you think it’s legitimate, it’s best to look up the phone number and contact the agency directly to check it out.
If you or anyone you know receive such emails, refrain from clicking any links in the email and delete it. If you believe it may be legitimate, ask your company’s IT department to look at it beforehand.
By: Denise Garcia