What is "Phishing" and How Can I Protect Myself?

Updated: Nov 19, 2021


With the holidays around the corner, it's also the time of year when we also experience more than a few online and email scams. Oftentimes, an email will be received that appears to be from someone you know, but upon closer inspection it is not. In recent years, we have seen scams that center around what appears to be a Christ Church staff member or Diocese of Maryland personnel's email account, but turns out to be anything but. It's important to be very thorough with verifying these emails before doing anything.


The emails seem harmless; they usually have the rector or staff member's name and an email address that looks legitimate, but upon further inspection you'll see that the email address is actually from a provider different than the "@christchurchcolumbia.org" address that we typically, and securely, use. In some instances, the sender’s name may look correct but is missing a single letter. Or, it may otherwise closely resemble the real email address; for example, bob@churchstaff.org becomes bobchurchstaff@gmail.com, or similar. The sender might ask for you to help them by purchasing gift cards and sending them the details, or to provide your banking info, Social Security number, or other private credentials.


If you receive an email like this but you're unsure of its authenticity, please do not respond directly to it or click any links in the email. Instead, email our Communications Administrator, Chris, at communciations@christchurchcolumbia.org and place "Phishing scam?" in the subject line. Do not forward the actual email; instead, you can type the sender's email address in the message body or take a screenshot of the email (how to do this - Windows / Mac / Android / iPhone) and include that image in your email. We will tell you if the address is in our official CEC database, or if it appears to be a scam.


The safety of every parishioner is paramount to us, and we will help if we can. If you have the slightest question about a questionable, received email, please email us at the above address and leave a phone number that we can call you back at. We will help go through steps to resolve the concern.


General email DOs and DON’Ts:

  • DO double-check your emails carefully.

  • DON’T ever respond to an email asking you for money.

  • DO verify in person, by email to a trusted address, or by phone any request involving money or personal information.

  • DON’T reply.

  • DON’T click on any links within the message.

You can learn more about how to protect yourself, as well as how to report suspected phishing emails or text messages, by visiting the Federal Trade Commission's website here. If you got a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).