This morning my wife received an email from a business contact that lives in the one of the areas affected by Hurricane Harvey requesting an immediate reply. The email appeared to be from her contact, but the reply-to email address did not match any email address the business contact had used before.
Additionally, while the email had legitimate telephone numbers and website addresses, the link to his business FB Group was obscured by a message of Security Check Required and Regards appeared twice in the message.
Here is a screen cap of the message, with personal details blacked out.
Due to the odd reply address, the Security Check Required message, and the doubling of Regards, we thought that was strange enough to ignore the message and sent him a direct message to a known good email address asking if he sent the suspect message.
As we suspected, the email was fake. The business contact has since posted to their business FB Group that they did not send any messages, that they are 31fine, and that they are not in the Philippines (apparently there were multiple phishing messages with different body messages).
Although you can’t stop phishing email from being sent and even appearing to be from you or a known associate, you can read critically and be suspicious of requests for help or money, especially during times of natural disaster or if the request mentions sending money to a foreign country.
Stay skeptical my friends.
-- this post originally appeared on LinkedIn --