email phishing alert
The ISHS has been made aware of some targeted e-mail phishing attempts which involved the name of the ISHS President.
Please be aware that neither the ISHS President nor the ISHS are engaging in those practices and the content of such fraudulent e-mail message(s) distributed in the name of the ISHS President is obviously false. Phishing e-mails generally originate from various different third party email addresses, therefore making it difficult or impossible to take direct action by e.g. blocking the sender's e-mail account.
ISHS strongly advises to delete any suspicious looking e-mail messages from your system and certainly not to engage with the sender who may be asking you to transfer funds to deal with some 'emergency' situation.
Fraudulent e-mails may generally be recognised by the sender or reply-to e-mail addresses which would be a different one than the regular e-mail address of your correspondent.
Therefore always carefully check the reply-to address before replying to any e-mail message or, if in doubt, verify the integrity of the email first by calling your correspondent over the phone.
For more reading on the subject of phishing and related practices please refer to the following Wikipedia page https://en.wikipedia.org/wiki/Phishing - in the unfortunate event that you have fallen victim to cybercrime, immediately report this to the police or law enforcement agency in your country.
Some general tips:
- Do not trust any unsolicited e-mails
- Do not download any irrelevant files sent by unknown senders
- Always verify the hyperlinks mentioned in any e-mail before accessing them
- Do not proceed with any fund transfer without verifying with the sender or the organisation leadership
- Always ensure that the sender is authentic - check the sender's exact e-mail address and domain name
When the phishing e-mail was sent from a suspect gmail account, report the abuse with Google at https://support.google.com/mail/contact/abuse - Microsoft also offers more information on the subject including options to report phishing: https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/phishing
Originally posted February 26, 2020, updated April 8, 2020