1. Voicemail Notification Scam
Many phone systems, ours included, offer the convenience of sending voicemails as email attachments. Phishing scams take advantage of that, and researchers tell us those scams are increasing. The increase means the scams are effective, so be on guard.
The scam typically appears as a system-generated notification. It may have an attachment, or it may link to an ‘encrypted’ page where you would enter your credentials before being able to access the message. Either way, it’s malicious. These scams have spoofed O365 or Outlook, Cisco, Google, and other major brands, trying to steal your credentials.
So how can you avoid falling for this?
- Find out what a legitimate voicemail message looks like in your company. Is it a link or an attachment? Who does it come from? If your company doesn’t send messages like this, then report any you receive.
- Stop any time you are asked for credentials. If the login is being requested of you, rather than one you are initiating yourself, are you sure it is a legitimate request? Check the URL very carefully, and when in doubt, ask your IT team.
- If you happen to be near your office phone, an easy way to check is to see if you have any missed calls. If you get an email about a voicemail, but you don’t have any missed calls, it is most likely a scam.
2. Quarantined Emails Scam
No one likes missing an important email. This scam plays on that fear by appearing to notify you of messages stuck in quarantine.
The scam email comes from a ‘service desk’ and has a button or link for you to click and release the supposedly quarantined messages. That link goes to a page customized to impersonate your email login portal in an attempt to steal your credentials.
Stay safe with these tips:
- Double- and triple-check any emails claiming to be from any kind of Service Desk or IT support team. If it’s from us, for example, the sender email will be support[at]infinityinc.us. It will not say “Service Desk” or come from any .com address.
- If you see an email like this for the first time and you’re not sure if it’s legitimate, ask. There is no harm in checking. And there could be a lot of harm done without checking.
- Always stop before entering your credentials on a site you did not independently navigate to. Did you hover over and carefully check the link before clicking? Do the landing page URL, text, and images pass detailed inspection? Does it make sense to give your email and password to release quarantined messages? If you have doubts about anything, call or email your IT team.
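For mail administrators, the sender and hover checks from the tips above can be automated as a first-pass triage. This is an added example, not part of the original article or any Infinity tooling; the function names, warning codes and both sample messages are constructed for illustration, and it assumes a single-part HTML message.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the only legitimate support sender, from the tip above ("[at]" -> "@").
LEGIT_SENDER = "support@infinityinc.us"
LURE = re.compile(r"quarantin|service\s*desk", re.I)
HOST = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
# Simplified anchor matcher: handles double-quoted href attributes only.
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)

def host_of(text):
    """First hostname found in a URL or in visible link text, else None."""
    m = HOST.search(text)
    return m.group(1).lower() if m else None

def triage(raw):
    """Return warning codes for one single-part HTML message (raw header + body text)."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", "").lower())
    body = msg.get_payload()
    codes = set()
    if LURE.search(f"{display} {msg.get('Subject', '')} {body}"):
        if addr != LEGIT_SENDER:
            codes.add("sender-not-support-address")
        if "service desk" in display:
            codes.add("service-desk-display-name")
        if addr.endswith(".com"):
            codes.add("dot-com-sender")
    for href, text in ANCHOR.findall(body):
        shown, real = host_of(text), host_of(href)
        if shown and real and shown != real:  # what hovering over the link reveals
            codes.add("link-text-hides-target")
    return codes

# Constructed sample: a fake quarantine notice (example.* hosts are placeholders).
SCAM = """From: Service Desk <servicedesk@mail-portal.example.com>
Subject: 3 messages held in quarantine
Content-Type: text/html

<a href="https://login.portal.example.net/release">https://infinityinc.us/quarantine</a>
"""
# Constructed sample: a notice from the real support address with an honest link.
LEGIT = """From: Infinity Support <support@infinityinc.us>
Subject: Quarantine digest
Content-Type: text/html

<p>See <a href="https://infinityinc.us/help">infinityinc.us/help</a></p>
"""
```

A message that returns any code deserves a second look before anyone clicks; an empty set only means these particular checks found nothing.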
3. Pandemic-related Workplace Lawsuit Scams
According to a major law firm, workplace lawsuits related to the pandemic are increasing exponentially (based on numbers from April, May, and June – see link below). These include discrimination and leave cases filed at the state and federal levels, as well as class action lawsuits.
Cybersecurity experts are warning businesses to inform their employees that scams about this are coming. One example may appear to be from HR with an attachment or a link to information on ‘updated work rules’ or ‘new leave requirements.’ Another example would appear to be from a law firm reaching out to you as a potential ‘victim of unsafe working conditions.’
In either case, the goal is to deliver malware or steal your credentials.
You can view the law firm’s litigation tracker information here.
What does this mean for you?
- Remain suspicious of unsolicited messages related to global events like the pandemic. If the message appears to be from your HR department, carefully check that it is the right sender and not a close spoof. You can also pick up the phone and ask HR if they sent such information before opening it.
- It’s natural to be curious if you see a professional-looking email from a law firm about a class action lawsuit. Remember to hover over any links before clicking to see where they point. You can also Google the firm and see whether a) it really exists, b) it handles that kind of case, and c) the information in the email matches what’s online. Then you can pick up the phone and call. If the email is a scam, you may be helping to make them aware of it.