Phishing Alert: Boss Gift Card Scams & More
There have been recent phishing attacks in which employees receive emails or texts from a party claiming to be Dev or another member of senior management. Phishing attacks involve directly contacting a user and posing as a legitimate person or institution to steal sensitive information, including financial details and online login credentials.
Types of Phishing Attacks
- Email – Cybercriminals posing as trustworthy individuals and convincing the user to disclose their personal or financial details.
- SMS – The attacker sends a text to the victim’s phone that persuades them to click a link found in the message. Also known as ‘Smishing’
- WhatsApp – WhatsApp enables communication with anyone else on the platform and can target either a specific individual or a large population of users.
- Social Media – Posting malicious links to trick unsuspecting users into revealing personal information and other sensitive credentials. (Facebook, Twitter, Instagram, LinkedIn)
Gift Card Scams
One of the most often seen is when it appears that a senior manager asks an employee to purchase gift cards and send the information from those cards via email or text. Senior managers will never ask you to purchase and send gift cards, money, or any other financial instrument via text or email. You have the right and obligation to call anyone internally to verify the information being requested. If you receive a text, email, or phone call, do not respond to that same text, email, or phone number. Call a number you can verify belonging to a company manager. You will not be reprimanded for protecting the company by verifying these emails or texts.
Pay Attention to Suspicious Activity
Please immediately let your KKCS manager know if you receive any of these types of emails. Thank you for your attention. Our security is dependent on all of us paying attention and immediately reporting any suspicious activity.