Dear Members of District 53 Toastmasters,
We heavily rely on emails for communication, especially within our Toastmasters family. Cyber threats plague us everywhere from Social Media hacks that overtake profiles and various tried and true promises of inheriting wealth from foreign princes. Various email scams are referred to as phishing, these are attempts to gain access to financial resources. Such as asking for Bank Account numbers and other personal information or requests to make purchases. Regrettably, the latter recently occurred in our community. I would like to use this space to help you be diligent within your Toastmasters correspondence and elsewhere.
Our recent incident was a phishing attempt that began with an innocent email asking the recipient for a favor or a few minutes of time. A reply then progressed into requests for the purchase of gift cards. Toastmasters officers will never request the purchase of gift cards via email. Furthermore, in compliance with our bylaws, the purchase of non-Toastmasters’ gift cards is strictly prohibited. This same phishing attempt has been deployed all over the world in each Toastmasters district.
How to Identifying Potential Phishing Attempts
Here are best practices for identifying potential phishing attempts:
- Check the Sender’s Email Address: Examine the sender’s email address closely. Beware of addresses that appear suspicious or mismatched. Do you have the sender in your contacts, or a previous email which can be compared to the recently received message?
- Examine the Content: Phishing emails often contain spelling or grammatical errors, an urgent tone, or vague requests for personal information or financial transactions.
- Verify Links and Attachments: Hover over any links before clicking on them. Ensure they lead to legitimate websites. Do not download attachments unless you are certain of the sender’s authenticity. Do not click on any suspicious links.
- Trust Your Instincts: If something feels off about an email, trust your instincts. If you suspect a message is a phishing attempt, take precautions. Reach out to the recipient with a new email, or better alternatives such as text and phone calls.
What to Do When You Encounter Phishing Attempts
In the event, you identify a potential phishing email:
- Do Not Respond: Avoid responding to the email or clicking on any links within it.
- Report the Incident: Notify your club officers immediately. If necessary, escalate the issue following the chain of command – Area Director, Division Director, and finally, District Officers.
- Educate Fellow Toastmasters: Share your experience with your fellow club members, encouraging them to remain vigilant.
External Resources for Further Information
For more information on recognizing and combating phishing attempts, review these sources:
- Federal Trade Commission (FTC): The FTC offers guidance on recognizing and reporting phishing scams on their website: FTC Phishing Scams.
- Cybersecurity & Infrastructure Security Agency (CISA): CISA provides valuable insights into protecting against phishing attacks: CISA’s Phishing and Spoofing.
By familiarizing yourself with these best practices, you can protect yourself and your fellow members from phishing attempts.
Stay safe and informed.