Important Notice: Ongoing Email Scam Targeting Industry Members

We want to alert all members that a phishing email scam is currently circulating within the industry. The scam email typically appears to come from a known business contact and indicates that a document has been shared with you for review (example: "Addendum #02"). The message includes a link to access the document. In some instances, the email will provide a false password to access the document.

If you click the link and attempt to open the file, your email account may be compromised. Once compromised, the scam spreads by sending similar messages to everyone in your address book.

Key tips to avoid falling victim:

• Verify unexpected emails: If you receive an unexpected document or link from a colleague, call or message them directly to confirm its legitimacy.
• Check the sender’s email address carefully: Scammers may spoof names but often use slightly altered or unfamiliar email addresses.
• Be cautious with links: Hover over links before clicking to verify the destination URL. In this case, suspicious domains like “mimecastprotect.com” or unknown redirect URLs are being used.
• Enable multi-factor authentication (MFA): MFA adds an extra layer of protection to your email accounts.
• Report suspicious emails: Notify your IT department or email administrator if you receive a suspicious message.

Please remain vigilant and share this notice with your staff to help prevent further incidents.