Security Bulletin: Beware of Impersonation Scams
In recent times, some members of our network have encountered a concerning issue – scams involving impersonation within our organization. We take this matter seriously and want to ensure that everyone in our network is well-informed and equipped to recognize and respond to such scams. This security bulletin provides essential insights and precautions to protect against impersonation scams.
Understanding Impersonation Scams
Impersonation scams involve fraudsters posing as individuals within our organization. These scammers typically use email or text messages to deceive recipients into taking actions that may compromise sensitive information, finances, or even attempt to extort money.
How to Spot Impersonation Scams
Recognizing impersonation scams is crucial to safeguarding your information.
- Verify the sender’s email address or phone number, especially if it seems unusual or unexpected.
- Look for inconsistencies in the message content, such as grammar errors or unusual requests.
- Beware of urgent or unusual requests for personal or financial information.
- Cross-check with colleagues or the supposed contact directly if you receive a suspicious message.
Protecting Yourself Against Impersonation Scams
Taking proactive steps to protect your information is essential.
- Always exercise caution when sharing sensitive information via email or text.
- Enable multi-factor authentication (MFA) for email and other critical accounts.
- Educate your team about the risks of impersonation scams and how to recognize them.
- Report any suspicious messages to our IT department promptly.
Understanding Scammers’ Tactics
Scammers often exploit vulnerabilities to impersonate individuals within our organization.
- Scammers may obtain information from data breaches, gaining access to contact details.
- They may use information from LinkedIn or other public sources to craft convincing messages.
- Beware of scammers requesting purchases of gift cards or asking for verification of 6-digit security codes to access accounts or verify identity. No one in our organization will make such requests.
What to Do If You Suspect an Impersonation Scam
Knowing how to respond to a suspected scam is crucial.
- Do not reply to the suspicious message or click on any links or attachments.
- Use the Report Spam button report it as a potential scam.
- If you inadvertently shared sensitive information, change your passwords immediately.
What to Do If You Are a Victim of a Scam
If you believe you have fallen victim to a scam, take immediate action:
- Inform your banking institution to secure your accounts and stop and pending wire transfers.
- Contact your local police to report the incident.
- Notify security@gjgardner.com for assistance with resetting passwords or reviewing security logs.
- Report the fraud to the relevant regulatory department based on your location:
- In Australia: https://www.scamwatch.gov.au/report-a-scam
- In New Zealand: https://www.dia.govt.nz/Spam-How-to-Report-Scams
- In the USA: https://consumer.ftc.gov/scams
Our Commitment to Security
We are dedicated to the security and well-being of our entire network. Stay vigilant, and together we can safeguard our network from impersonation scams. If you’ve discovered a vulnerability in any of our IT services, please contact us at security@gjgardner.com. We review all security concerns brought to our attention, and we take a proactive approach to emerging security issues.
Maintaining the security and integrity of our network is a top priority. By staying informed and taking precautions, we can collectively protect ourselves and our organization from impersonation scams. If you ever encounter a suspicious message, remember to report it promptly. Your vigilance is crucial in ensuring a safe and secure environment for all.