October 20, 2022

The wrong kind of phishing

By Jen Graves, RMBA Board Secretary

Unfortunately, the National Bison Association (NBA) as well as state and regional associations, including RMBA, are constant targets for cyber criminals. Perhaps this is because we are small, non-profit associations and therefore easier targets. While our websites are locked down and secure, there is one side effect that we cannot stop: fraudulent emails.

By now, all RMBA members have received a fake email from John asking for money or gifts cards. Please know that this is not how RMBA conducts business. Since we cannot stop these scammers, I wanted to provide you with my tips for spotting a fake email.

1. Always check the “from” email address.

Anyone can change the display name, but does the email address make any sense?

  • “Jen Graves” jennifer.gray.graves@gmail.com <– legit
  • “Jen Graves” h36456nkl@gmail.com <– shady lady

How to check? Usually you can check by hoovering your mouse/pointer over the sender’s name or clicking on it.

Pro tip: For RMBA members, you can check a fellow member’s email address on bisonranchers.com.

2. Trust your gut.

If it doesn’t sound like the person, it probably isn’t them.

  • Howdy folks !!!! John Here! Wanted to say hi… (NOT John)
  • Dear Sir/Madam (nope, NOT John either)
  • Hi RMBA (yep – that’s probably John)

3. Consider the urgency.

What’s the rush? Spammers needs you to act fast and not think, so they will say “I need help fast” or “help soon.” Like many of you – John reserves panic for when bison are not behaving. If he needs something quickly, he will explain the circumstances (i.e., “Please provide feedback by Thursday, so I can represent your thoughts at the meeting on Friday”). Anything else would warrant a phone call.

4. Be skeptical.

Ask yourself why RMBA (or any organization) would need this information. Real groups state the reason they are asking for information, donations, etc. If they don’t say why, don’t hesitate to call and ask!

RMBA does not need and therefore will never ask for your social security number or banking account information. Additionally, we will not email members asking for wire transfers or gift cards, etc.

5. We respect you.

If nothing else, please consider this: we respect you. If RMBA was raising money or asking for favors, you better believe that we would write a better email than “Hey you – can I please get some money?”

Short story: Thank you for considering sending “John” money for whatever crazy request he had, but you can ignore it.

 

 

Want to learn more? October is Cyber Security Awareness Month and CISA offers great tips to step up your cyber security!