Don’t Get Scammed: Email Phishing Scam
Recently, Jitasa received an email that contained a virus and spoofing techniques…it was masked by an employee’s email address, and so convincing that many opened it. Upon opening the link, it required that you enter your credentials and thus the phishing scam begins. After our tech team reviewed the email they discovered that there were several red flags that should have triggered suspicion.
- Recipients of the email were BCC’d, a feature that Jitasa does not employ on our email.
- The email came from “Andrew Fass”, yet the email signature did not align with Jitasa requirements, and was markedly different than our design.
- The Recipients of the email had not had a previous discussion with the real Andrew regarding the review of any documents.
This was a huge indicator that you shouldn’t click the link.
- The phishing email included a PDF attachment with a fake link
- The link was masked as DocuSign but went to https:/x/ncsasports.cf/good/plx,
- TIP: Always hover over a link first before clicking to see where it is taking you
- The fake website asked for credentials
What to do if you open that email If you do happen to open an email intent on phishing, the best thing to do is immediately reset your password and have your computer scanned by a technology professional to ensure there is no virus.