Recently, some members of the conference received an email that appeared to be from Bishop Shelton. You may have received it, too. Bishop Shelton and other organizational leaders are often targets of phishing, a type of email scam. These emails appear to be from a trusted person, often with an urgent message. Instead, they are from someone outside the organization trying to steal or gain access to information.
Here’s a screenshot of one of the recent phishing emails.
So, what do you do if you receive a suspicious email like this, and how do you tell if an email is a phishing attack? See some tips below.
Verify Sender’s Email
Make sure to carefully review the sender’s email address for any misspellings or suspicious variations before opening emails. In the email above, notice the From email is a random Gmail account.
Emails that you receive from NC Conference staff will contain the Conference domain @nccumc.org.
Look Out for Urgent Language & Check for Grammatical Errors
Phishing emails usually contain grammatical or spelling errors and use language that creates a sense of urgency. Also, be aware of the time and date when the email was sent, as phishing emails can often be sent outside business hours.
Verify Requests for Sensitive Information
Do not send or share sensitive information such as passwords or credit card numbers. Always contact the sender directly using their official contact information to verify requests.
Think Before Clicking
Avoid clicking links, viewing, or downloading attachments from unknown senders or unexpected emails. If you are unsure if the link or documents are safe, contact the sender directly using their official contact information to verify the link or attachment.
Keep Software Updated
Make sure that your device’s operating system and software are updated regularly.
Password Security & Two-Factor Authentication (2FA)
Use a strong and unique password for each account and enable two-factor authentication for added security.
Mark Phishing Emails as Spam
If you receive a phishing email, mark the message as Spam. Doing so helps protect your account and others within our organization.