Phishing email scams are a constant threat to anyone with an email account. These email scams have evolved over the years from simple tactics to much more sophisticated plots using social engineering. In August 2018, one family in Woolwich fell victim to an email scam that we should all be aware of.
While in the process of buying a home in Woolwich, Cassandra Bowen, who was living out of state at the time, worked with a local real estate agent. This real estate agent received an email from Cassandra’s “title company” requesting that Cassandra wire the closing costs.
At a glance, the email wire request looked legitimate. It was signed from someone the real estate agent knew and who worked at the title company. She didn’t question it, but instead forwarded it along to her client. Cassandra followed directions provided to her, as any of us might do. She went to the bank and processed a wire payment of $9,542.64.
It wasn’t until a month or so later during the actual house closing, that they all realized the email had been a scam. The money was gone. After such a difficult blow, they started to piece together what had happened.
Scammers take advantage of our busyness, our good nature, and of our business processes. In this particular case, the scammers found out what real estate agent and title company Cassandra was using to buy her home. They created an email to look genuine and they used the name of an employee they knew worked at the title company.
However, if the real estate agent had investigated further he or she may have noticed that the email had a big red flag: the actual email address that the email was sent from was not an official e-mail from the title company.
“Cases like this have happened in the state of Maine and across the country,” said Will Lund, Superintendent of Maine’s Bureau of Consumer Credit Protection. “The FBI reported last year that it’s close to a billion dollar cyber fraud they call it, across the country. A billion dollars either has been lost, or almost lost in cases of this nature.”
So, what can you do to ensure something like this doesn’t happen to you, your family or your business?
Steps to Avoid Email Phishing Scams & Social Engineering
Get Email Security
Step one to avoid email phishing scams is to have high-quality email security with anti-spam that will filter out the majority of bogus emails.
Identify Red Flags in Emails
For the emails that do get through security Know what the common red flag are by reading 10 Tips on How to Identify Email Phishing Scams
Think Before You Click, Reply, Forward or Comply
Always be on guard. Check with someone else before you click, reply, forward or comply. Call the “sender” on the phone, using trusted contact information found on their website, for instance, and not the contact information contained in the email.
Here’s a monitor card for reminders focused on malware, but these are good for social engineering scams, too. Print it today and share with your co-workers, family & friends.