Think Before You Click

You just received a professional looking email from your bank that says they have added $10,000 to your account.

Sounds too good to be true, right? Probably because it isn’t true!

By now, you’ve most likely heard of phishing emails, where a scammer tries to steal your credentials to sensitive sites, like your bank information, or install malware to take over your system.

So, what’s changed?

The criminals have gotten much more sophisticated. Modern phishing emails will try to mimic your normal, everyday messages, often using your company’s branding or misleading email addresses that appear – upon a quick glance – legitimate.

They are also getting better at hiding the real destination URL in the email they want you to click on.  They register domains that are very close to the legitimate domain such as willsfargo.com instead of wellsfargo.com.

Your customers could be getting emails today that appear to come from your organization or from Invoice Cloud, when in reality, they’re from scammers seeking to steal your customers’ credentials.

Invoice Cloud and your organization has its systems locked down so that only authorized servers can send emails on our behalf, but due to issues with implementing security by some email providers, the scammers can still bypass those protections.

The reality is that everyone should carefully check each email they get to verify that it is legitimate.

Here is a great resource from the U.S. Federal Trade Commission (FTC) on how to avoid becoming the victim of one of these phishing attacks.