email phishing alert

ISHS Secretariat
email phishing alert - cybersecurity

The ISHS has been made aware of some targeted e-mail phishing attempts which involved the name of the ISHS President.

Neither the ISHS President nor the ISHS are engaging in those practices and the content of such fraudulent e-mail message(s) distributed in the name of the ISHS President is obviously false.
Phishing e-mails generally originate from various third party email addresses, therefore making it difficult or impossible to take direct action by e.g. blocking the sender's e-mail account.

ISHS strongly advises to delete any suspicious looking e-mail messages from your system and certainly not to engage with the sender who may be asking you to transfer funds to deal with some 'emergency' situation or you may be asked for some other logistical assistance.

Fraudulent e-mails may generally be recognised by the sender or reply-to e-mail addresses which would be different from the regular e-mail address of your correspondent.

Always carefully check the reply-to address before replying to any e-mail message and, if in doubt, verify the integrity of the email first by calling your correspondent over the phone.

For more reading on the subject of phishing and related practices please refer to the following Wikipedia page https://en.wikipedia.org/wiki/Phishing - in the unfortunate event that you have fallen victim to cybercrime, immediately report this to the police or law enforcement agency in your country.

Some general tips:

  • Do not trust any unsolicited e-mails
  • Do not download any irrelevant files sent by unknown senders
  • Always verify the hyperlinks mentioned in any e-mail before accessing them
  • Do not proceed with any fund transfer without verifying with the sender or the organisation leadership
  • Always ensure that the sender is authentic - check the sender's exact e-mail address and domain name

When the phishing e-mail was sent from a suspect gmail account, report the abuse with Google at https://support.google.com/mail/contact/abuse - Microsoft also offers more information on the subject including options to report phishing: https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/phishing

Originally posted February 26, 2020, updated April 8, 2020 & August 31, 2020

Tags: 
email
phishing
scam
email fraud
Categories: 
General Interest