September 2021: Beware of Flubot scams
Phishing scams – or email fraud is as old as email itself. These scams attempt to get you to volunteer your personal information to criminals or to install malware on your computer or mobile device.
Scammers attempt to fool you by sending email messages that point to fake websites. The email you receive may look real, with company logos, links and branding, but when you enter your information into the website that sensitive data is handed right over to scammers. The attachment that you open could also contain Malware that gives the fraudsters direct access to your system.
While firewalls and email filters will catch most of the bad stuff, the best defence is educating yourself on how to tell if an email is fraud.
There are a number of areas you can check to help determine if an email you’ve received is legitimate or not. Start by looking out for spelling mistakes and poor grammar. Another red flag is a threatening email that fakes a sense of urgency or makes threats to trick you into action.
It’s important to remember that login credentials can be stolen and used by attackers to send malicious emails from known, trusted accounts.
ALWAYS check the ‘from’ email address, and be aware that this can be faked. Scammers will also copy brand logos and email formatting to make an email appear legitimate.
Scammers may try to trick you into clicking links or opening attachments. Before you click any links or open attachments you must check if they are legitimate. You can do this by hovering over the link if you’re on your computer, or ‘tap and hold’ on mobile devices to review the link before accessing it.
Remember that links can be disguised to appear as legitimate and often contain the imitated business name as part of the link. Before you click a link, download a file, respond with sensitive data or complete a wire transfer, you must be 100% confident the sender is who they say they are and that the request is legitimate.
REMEMBER: While Heritage may send information, or confirm receipt of items, by email, we will NEVER send an email that requests you to share personal security details such as your PIN, CCV number, internet banking passwords or credit card details. Heritage emails may contain links, however these will never lead you to a website that requires you to input personal details. In order to meet our obligations of the Spam Act 2003, all emails will include an unsubscribe link for the member to manage their preferences for contact.
If you’ve received an email from Heritage that you think may be fraudulent, you can help fight the problem by using the forward as attachment button on your message menu and sending to email@example.com. We use the spam that's forwarded to us to improve our filters and look for malicious campaigns that may be getting through our protection so that we can issue warnings to our customers and staff.
If you believe your computer may have been compromised because of an action you have taken in response to an e-mail it is recommended that you:
For more tips on identifying fraud and scams, visit our Security and Scam Help and Guidance hub