Business accounts are often targeted by fraud attempts. Please be aware of common email phishing scams where the message appears to come from known and trusted sources, such as the Federal Deposit Insurance Corporation, the Internal Revenue Service, or the National Automated Clearing House Association (the ACH payment network). Telltale characteristics of an attempted email phishing scam are:
This isn’t because fraudsters don’t know how to spell, it’s so phishing emails won’t be blocked by email filters.
- Awkward Greeting
A phishing email may not refer to the email recipient by name or in a nonsensical manner “Client(s)”.
- Sense of Urgency
An urgent need to communicate with you for your own security, or a request to verify payment information immediately; compelling language that urges the recipient to take action.
- Random Generation of Numbers
A phishing email may contain a random sequence of numbers, such as ACH Payment #38350555 canceled, that can also be inserted into the subject line or text of the email to make it appear as though it is a specific transaction ID or payment amount. That random number can also be inserted into the file name of the pdf.exe file or pdf.zip file, creating a sense of uniqueness and legitimacy.
- Incorrect Grammar
Another tactic used to bypass email filters. In this phishing example refer to, “Detailed report on initiated transactions are reason.”
- Strange or Unfamiliar Links
The links may look official, but when the mouse cursor rolls over the link the link source code points to a completely different website which may contain malware as a .pdf executable file or .pdf zip. Never open attachments, click on links, or respond to emails from suspicious or unknown senders.
- Fraudulent Use of Legitimate Business Logo, Website, Address, Phone
Fraudsters often insert actual identification references to a business into their phishing emails to make them appear legitimate.
Please be aware that business accounts are at a heightened risk of such scams, and be sure to protect yourself by first trying to recognize fake messages, and by installing up-to-date virus protection software on your business computers. If in doubt, do not click on links presented in any message you think is suspicious, rather attempt to authenticate any requests via trusted communications channels such as calling a company representative.
As your financial institution, we take great care in safeguarding your personal and financial information. For this reason, we would like to remind you that we will never send an e-mail requesting your information or asking you to verify a request or transaction.