EMAIL SAFETY & PHISHING SCAMS

This is a friendly reminder that as a church we are a frequent target of phishing scams. Unlike hacking which actually compromises your information and data, phishing is when someone poses as a trusted individual in the hopes that they will fool you into sending them your personal information, money, or gift cards.

In our case, these phishers send emails that look like they are coming from Corey Widmer, but are actually not him. However, they do this so well that it can appear that you are receiving an email from Corey! Your first giveaway that it is not him is usually the improper punctuation or the strange ask. If it feels weird and unlike Corey, it most likely isn’t him.

You’ll be able to tell right away that something feels awry, but just in case, if you’re ever uncertain, here are a few things to identify likely phishing scams:

  • No one from Third staff will ask you to send money directly to them via email or text— either in the form of credit card numbers or gift cards.

  • Verify the sender's email address by hovering over the name or clicking the email details in the “from:” column to see the email address. Phishers mask the email address so only the name appears instead, making it easy to miss the strange and inaccurate email address.

  • Phishing messages often start with a generic greeting (“Dear customer” or “Hi Can I ask you a favor?”).

  • Phishing messages often include misspellings, and strange grammatical errors or capitalization.

  • The message requests personal information or for you to do something for them, such as sending gift cards or credit card numbers.

  • The message looks or sounds very different than usual interactions you’ve had with this person.

In Gmail, select More [through the 3 dots icon], and then Report Phishing.

Email Safety Screenshot.png

If you have received a phishing email, or an email from someone impersonating one of our pastors, here’s what you can do:

  • Do not respond or reply to them. Do not open any attachments or click any links.

  • Call the person who claimed to email you, asking if it was them.

  • If you are a Gmail user, you can follow their instructions here to report a phishing email. You can report a phishing email directly through their menu options [More > Report Phishing}, see image to the right.

  • If the email came from a Gmail user, you can report them using Google’s Abuse Form.

Thank you for your diligence in helping us report these abuses as they arise. Phishers can be very convincing and will likely only get more sophisticated with time. Be on the defensive against these scams, and report them as they arise.

If you have any questions about our security policy or any other questions about phishing scams,
please reach out to Alex Sawyer (alexs@thirdrva.org) or Alan Ware (alanw@thirdrva.org).