Phishing Alert: Boss Gift Card Scams & More
Update: July 28, 2021
This week, we have had several employees contacted via email claiming to be Dev Krishnan and asking staff to go buy gift cards. These are fraudulent emails.
Please be diligent in your review of emails that look suspicious. Dev or management will NEVER ask anyone via email or text message to buy gift cards or the like. If you receive emails from Dev, please check the from email address field.
Thank you for being attentive to these issues. Scammers are getting sophisticated as they are getting a lot of practice.
There have been recent phishing attacks in which employees receive emails or texts from a party claiming to be Dev or another member of senior management. Phishing attacks involve directly contacting a user and posing as a legitimate person or institution to steal sensitive information, including financial details and online login credentials.
Types of Phishing Attacks
- Email – Cybercriminals posing as trustworthy individuals and convincing the user to disclose their personal or financial details.
- SMS – The attacker sends a text to the victim’s phone that persuades them to click a link found in the message. Also known as ‘Smishing’
- WhatsApp – WhatsApp enables communication with anyone else on the platform and can target either a specific individual or a large population of users.
- Social Media – Posting malicious links to trick unsuspecting users into revealing personal information and other sensitive credentials. (Facebook, Twitter, Instagram, LinkedIn)
Gift Card Scams
One of the most often seen is when it appears that a senior manager asks an employee to purchase gift cards and send the information from those cards via email or text. Senior managers will never ask you to purchase and send gift cards, money, or any other financial instrument via text or email. You have the right and obligation to call anyone internally to verify the information being requested. If you receive a text, email, or phone call, do not respond to that same text, email, or phone number. Call a number you can verify belonging to a company manager. You will not be reprimanded for protecting the company by verifying these emails or texts.
Pay Attention to Suspicious Activity
Please immediately let your KKCS manager know if you receive any of these types of emails. Thank you for your attention. Our security is dependent on all of us paying attention and immediately reporting any suspicious activity.