This is just a reminder to all, that Phishing email scams are happening on a regular basis. On occasion, emails claim to come from Pastor Moore or other staff members, but are actually coming from scammers. The email has not been hacked, however scammers have created emails with our information, so that it appears to be coming from us.
These phishing emails are attempts by scammers to trick you into giving out personal information such as your bank account numbers, passwords and credit card numbers, or even gift card information. Scammers try to copy email and text messages from legitimate companies (i.e. St. John’s Lutheran Church) to trick you into entering or sending personal information and passwords. Never follow links or open attachments in suspicious or unsolicited messages.
Unfortunately, these email scams have happened before, and were NOT sent from Pastor Moore’s email address. This cannot be solved by changing passwords. The email address was created to look like it came from Pastor Moore, in some cases, the email address was similar, in other cases the email was completely different.
These signs can help you identify phishing scams:
The sender’s email address or phone number doesn’t match the name of the company that it claims to be from.
The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
A link appears to be legitimate but takes you to a website whose URL doesn’t match the address of the company’s website.
The message looks significantly different from other messages that you’ve received from the company/person.
The message requests personal information, like a credit card number or account password.
The message is unsolicited and contains an attachment.
What to do:
It is really important NOT to send any personal information over email such as your accounts/passwords/log-ins, etc. St. John’s will NOT ask you for this information, nor will we ask you to send donations any way other than via our envelopes in the weekly collection or mailed directly to the church.
You may verify the sender's address by hovering over the name or clicking the email details in the from column to see the email address. As you may see, the email says it’s from Pastor Moore, but the email address listed is from email@example.com. That is NOT a valid email from Pastor Moore. She will always send emails with her email signature at the bottom.
If an email seems suspicious or questionable, always call the person from whom the email was sent to verify that he/she actually sent it.
Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. If you want to test the link, open a new window and type in the website address directly rather than clicking on the link from unsolicited emails.
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.
Use EXTREME CAUTION when ANY message asks for help, especially in the form of gift cards or any currency. St. John’s Staff will not email you with such requests. Do NOT respond. Do NOT send ANY personal information. There are ways you can help stop (or slow down) these emails (see below).
Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, it does not mean that it’s legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.
This is a good practice to keep in mind for not only Pastor Moore's emails but also your family, friends, or any other contacts you have.
We are sorry for the inconvenience. It seems to be a part of the world we live in now.
Remember: BE DILIGENT: CHECK THE EMAIL ADDRESS YOU ARE REPLYING TO BEFORE RESPONDING. WHEN IN DOUBT, CALL AND DOUBLECHECK!
How to report phishing and scam emails and texts
Here are two government web pages that talk about phishing and scam emails and how to report them.
Federal Trade Commission Consumer Info https://www.consumer.ftc.gov/articles/0038-spam.
Phishing Text Recommendations from the FTC
Don’t text back. Legitimate companies won’t ask you to verify your identity through unsecure channels, like text or email.
Don’t click on any links within the message. Links can install malware on your device, and take you to spoof sites to try to get your information.
Report the message to your cell phone carrier’s spam text reporting number. If you’re an AT&T, T-Mobile, Verizon, Sprint or Bell customer, you can forward the text to 7726 (SPAM) free of charge.
File a complaint with the Federal Trade Commission. Your complaint can help the FTC detect patterns of wrong-doing. Read the full page at https://www.consumer.ftc.gov/blog/2013/08/dont-text-back
To report abuse to Google you can:
Go to this link and fill out the online form https://support.google.com/mail/contact/abuse
OR if you have Gmail
On a computer, open Gmail
Open the message.
Next to Reply arrow ⤺, click the Down Arrow ↓
Click Report phishing