phishingscamBy Valerie Quevedo

Last week one of our clients brought to our attention that he was getting multiple phishing emails every day. As you know, that can be a result of many things.

For educational purposes, we thought we’d share our answer with you, as well as the suggested next steps to our client.

Unfortunately, scammers can attain your email address in a variety of ways (from an online listing like a company website or LinkedIn profile, by compromising someone else's email account, or from legitimate companies you signed up for services with).

Just make sure you never click any links (even the fake "unsubscribe" link they might have), and never download any attachments. You can forward phishing emails to spam@uce.gov — and make sure to paste the original message header in the forwarded message (you will find this by opening the email and clicking "file", "info" and then "properties." At the bottom of the window that pops up is a section called "internet headers"). You will select and copy that whole thing and paste it in the message you forward.

You also can report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group — which includes ISPs, security vendors, financial institutions and law enforcement agencies — use these reports to fight phishing and to stop future messages before they get to you.

After forwarding these messages, the best thing to do is to right click the messages and select "Junk - Block Sender". This will teach Outlook what kinds of messages to mark as junk going forward.

More info on how to deal with phishing here: https://www.consumer.ftc.gov/articles/0003-phishing. If following these steps doesn't seem to reduce the level of phishing emails, we can always discuss more rigorous steps to take.