What is "Phishing" and Why Do You Need to Know?
In today's ever-increasing digital world, we experience more than a few online and email scams. Oftentimes, for example, an email will be received that appears to be from someone you know, but upon closer inspection it is not. In recent years, we have seen scams that center around what appears to be a Christ Church staff member or Diocese of Maryland personnel's email account, but turns out to be anything but. It's important to be very thorough with verifying these emails before doing anything.
The emails seem harmless; they usually have the rector or staff member's name and an email address that looks legitimate, but upon further inspection (usually by hovering over the sender's address in the email) you'll see that it is actually from a provider different than the "@christchurchcolumbia.org" address that we typically, and securely, use. In some instances, the sender’s name may look correct but is missing a single letter. Or, it may otherwise closely resemble the real email address; for example, "bob@churchstaff.org" becomes "bobchurchstaff@gmail.com" or something similar. The sender might ask for you to help them by purchasing gift cards and sending them the details, or to provide your banking info, Social Security number, or other private credentials. Note that this is only one method; there are many others so that those sending phishing emails can try to stay ahead of the innocent recipients.
But there are things we can all do to protect ourselves.
If you receive an email like this but you're unsure of its authenticity, please do not respond directly to it or click any links in the email. Instead, you can email our Communications Administrator, Chris, at communciations@christchurchcolumbia.org and place "Phishing scam?" in the subject line. Do not forward the actual email; instead, you can type the sender's email address in the message body or take a screenshot of the email (how to do this - Windows / Mac / Android / iPhone) and include that image in your email. We will tell you if the address is in our official CEC database, or if it appears to be a scam.
The safety of every parishioner is paramount to us, and we will help if we can. If you have the slightest question about a questionable, received email, please email us at the above address and leave a phone number that we can call you back at. We will help go through steps to resolve the concern.
General Email DOs and DON’Ts:
DO double-check your emails carefully.
DON’T ever respond to an email asking you for money.
DO verify in person, by email to a trusted address, or by phone any request involving money or personal information.
DON’T reply.
DON’T click on any links within the message.
You can learn more about how to protect yourself, as well as how to report suspected phishing emails or text messages, by visiting the Federal Trade Commission's website here. If you got a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).