Start typing and press Enter to search

Phishing Emails Targeting Employees

Phishing Emails Targeting Employees

Unfortunately, phishing scams have been on the rise for several years and don’t seem to be going away. The best way to address the issue is to make sure it’s top of mind for employees. Send a monthly or quarterly reminder that they should be skeptical about responding to emails that seem even slightly off and report them to the IT department immediately.

Explain to employees that usually the scammer purports to be a company executive and requests personal information about employees — sometimes just their phone number to start. Other times they’ll go directly to asking for financial or personal information such as payroll records or passwords. Here are a few examples of what the suspicious emails might say:

  • I need you to complete an urgent and essential task for me, send me your cell number ASAP for details.
  • Hello, I need you to get a purchase done, as I am planning to surprise some of the staff with gifts. Your confidentiality would be appreciated not to ruin the surprise. Acknowledge me once you get this, thanks.
  • Kindly send me the individual W-2 (PDF) and earnings summary of all our company staff for a quick review.
  • I want you to send me copies of employees’ W-2 wage and tax statements for 2019. I need them in PDF file type; you can send it as an attachment. Kindly prepare the lists and email them to me asap.

Show your employees these examples, or others likes them, and make it clear that they should not, under any circumstances, email sensitive employee information such as W-2s, benefit enrollment forms, completed census forms, or anything with social security or credit card numbers. They should also not follow links in emails or prompts to login to systems (even those they are familiar with) unless they are certain the request is legitimate.

Looking for more help managing your employees? Contact us today and work with a certified HR Professional.

Reply a Comment

SUBSCRIBE

GENERAL DISCLAIMER

This blog is for informational and educational purposes only. It does not constitute legal advice, and cannot constitute legal advice, because the authors are not licensed attorneys. Readers should not rely or act upon any information presented on this blog without seeking professional legal counsel. The views expressed in each post are those of the author, and the author alone; they are not the views of Ahola. The information provided in this blog is general, and based on information available as of the date of publishing. Information herein is provided on an “as is” or “as available” basis; we make no warranty of any kind to you regarding the information provided and disclaim any liability for damages from use of the blog or its content. Please consult an attorney to obtain advice with respect to any particular question or issue.