scam and email phishing alert

ISHS Secretariat
email phishing - cybersecurity - scam alert

Beware of scams implying association with ISHS

The ISHS is aware of various correspondences, being circulated via e-mails, from internet websites, and via regular mail or fax, falsely stating that they are issued by or associated with ISHS and/or its officials.

These scams, which may seek to extract money and/or personal details from the recipients of such correspondence, are fraudulent.

Neither ISHS nor its officials are engaging in such practices.

Phishing e-mails generally originate from various third party email addresses, therefore making it difficult or impossible to take direct action by e.g. blocking the sender's e-mail account.

As a general rule the ISHS strongly advises to delete any suspicious looking e-mail messages from your system and certainly not to engage with the sender who may be asking you to transfer funds to deal with some 'emergency' situation or you may be asked for some other logistical assistance.

Fraudulent e-mails may generally be recognised by the sender or reply-to e-mail addresses which would be different from the regular e-mail address of your correspondent.

Always carefully check the reply-to address before replying to any e-mail message and, if in doubt, verify the integrity of the email first by calling your correspondent over the phone.

For more reading on the subject of phishing and related practices please refer to the following Wikipedia page https://en.wikipedia.org/wiki/Phishing - in the unfortunate event that you have fallen victim to cybercrime, immediately report this to the police or law enforcement agency in your country.

Some general tips:

  • Do not trust any unsolicited e-mails
  • Do not download any irrelevant files sent by unknown senders (or files pretending to be sent 'on behalf of' someone you know)
  • Always verify the hyperlinks mentioned in any e-mail before accessing them
  • Do not proceed with any fund transfer without verifying with the sender or the organisation leadership
  • Always ensure that the sender is authentic - check the sender's exact e-mail address and domain name

When the phishing e-mail was sent from a suspect gmail account, report the abuse with Google at https://support.google.com/mail/contact/abuse - Microsoft also offers more information on the subject including options to report phishing: https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/phishing

ISHS assumes no responsibility for any consequences, including but not limited to, financial loss and identity theft or other, that may derive from such scams.

Originally posted February 26, 2020, updated April 8, 2020 & August 31, 2020

Tags: 
email
phishing
scam
email fraud
Categories: 
General Interest