Email scamming is looking better and better these days. Sometimes, it can be hard to know if the email you’re receiving is legitimate or not. Business owners should watch out for numerous types of cyber attacks, but two of the most common are email phishing and HTTPS phishing.

Email phishing: An attacker sends an authentic-looking email tricking you into replying or entering your information into a website where they can steal or sell it. 

Or

HTTPS Phishing: An attacker sends an email with a link to a fake website in hopes you’ll enter your information for them to steal or sell. 

Often these types of emails are alarming! They play on your emotions to entice you to act quickly, so you don’t consider the possibility that it might be fake in your panic. Many hackers hide under the guise of an organization most people trust, such as Facebook, Walmart, or Amazon.

Recently, a few of our member offices have been victims of phishing attacks. Luckily, they’ve let us know they received a suspicious email, and we were able to direct them to trash the email and put their minds at ease.

Facebook Phishing Scam

The latest phishing scam hides behind Facebook. The email looks something like this:

facebook phishing scam email

The tricky thing about this email is that the link goes to Facebook.com. However, it goes to a fake Facebook page asking you to enter into a different website and share your information.

Don’t fall for it! Just ignore it.

4 Tips to Avoid Getting Screwed by Phishing Attackers

  1. Check the sender. If the sending email address looks odd, has misspellings, or isn’t directly from the business, it’s a scam. In this case, you know Facebook didn’t send the email because it’s from “messaging-service@post.xero.com.” If it were legitimate, it would be directly from Facebook.com.
  2. Misspellings: If the email is poorly worded, it’s likely a scam!
  3. Threats: If the email threatens you, it’s a phishing scam.
  4. Suspicious Link: Never click on email links unless you’re sure it’s from a legitimate sender.

Things to note about this particular phishing scam:

  • Facebook won’t send you an email. They’ll send you a notification through your Facebook app if they need to contact you.
  • If the Facebook page were legit, it would be verified by Facebook.
  • Looking further into the post on the fake Facebook page, we see a case number. A legitimate company would never post a notice with a case number.

If you’re a Pro Impressions member office, contact your account manager if you get suspicious emails and are unsure what to do. We can help you avoid phishing scams and protect your information.