Spam email is annoying at best. At worst, it can include scam offers or malicious computer viruses that cost you time and money.
We became aware of an email phishing scheme targeting Whidbey Telecom customers. Customers reported a fraudulent email that appeared to be from “WHIDBEY Inc.” This scam email tells customers we have made changes to our privacy policy and user agreements, and encourages customers to click on a link to accept the new agreements.
What to Look For
Stop and look over your emails carefully before clicking on anything. Some things to look for are awkward or aggressive phrasing, misspellings, grammatical errors, and incorrect sender email addresses. You can check links and verify the sender’s email address by hovering your mouse over them.
Below are copies of phishing emails reported by customers. Note the incorrect addresses, incorrect links, and grammatical issues. These are red flags that indicate the email is a scam and not legitimate.
While, at a glance, this email might look real, it’s not. We would never send a bulk email to customers that displays the addresses of other customers, as in the case of the email below. We would also never refer to ourselves as simply WHIDBEY or anything other than Whidbey Telecom.
How Phishing Works
Phishing attacks attempt to steal sensitive information through emails, websites, text messages, or other forms of electronic communication. They often look to be official communication from legitimate companies or individuals.
Phishing emails will try to trick you into clicking on a link or opening an attachment. They’ll say they’ve noticed some suspicious activity or log-in attempts on your account. Or claim there’s a problem with your account or your payment information. Dangerous spam emails often sound urgent, so you feel the need to act.
These emails are very convincing, some going so far as to include the company’s logo or mailing address. The phishing site typically mimics sign-in pages that require users to input login credentials and account information. The fake site then captures the sensitive information as soon as the user provides it, giving the attackers access.
Phishing emails can be very effective. Attackers will often use them to distribute ransomware through links or attachments in emails. When run, the ransomware encrypts files and displays a ransom note demanding you pay a sum of money to access your files.
What to Do
If you get an email that asks you to click on a link or open an attachment, answer this question. Do I have an account with the company or know the person that contacted me?
If the answer is “No,” it could be a phishing scam. Go back and look for signs of a phishing scam like the ones above. If you see them, delete the message. Do NOT click on any links or open any attachments.
If the answer is “Yes,” contact the company using a phone number or website you know is real, not the information in the email.
Most importantly, trust your instincts. If it doesn’t seem right, it probably isn’t. When in doubt, feel free to contact your Whidbey Telecom Support Team at 360-321-TECH (8324) or email support@whidbey.net.