If you’ve recently received a strange email from a WAFP address, it is likely a phishing attempt. This version was recently brought to the attention of WAFP staff:
A few telltale signs indicate that this is a phishing attempt:
- Note the mismatch between the displayed email text (“Brian@wafp.net”) and the subsequent text (“firstname.lastname@example.org”). For legitimate WAFP email, the display email text will be a name (Karla Graue Pratt or Brian Hunsicker) and the text that follows will be the corresponding email address (email@example.com or firstname.lastname@example.org).
- There is no personalization. Whenever possible, particularly on initial emails, WAFP staff endeavors to personalize the greeting so you know that you are the intended audience: Dear Dr. Smith, Dear Membership Committee member, etc.
- The URL “linking” to the invoice doesn’t pass the smell test. Most links sent by WAFP staff would be to a recognizable website: wafp.net, seattletimes.com, spokesman.com, wsma.org, etc. Less recognizable links would include a specific explanation as to what the link led to. In addition, WAFP staff does not use our website to host invoices; if, however, we were linking to a specific document as the email suggests, the link would reflect that. In such a case, the URL would end in .pdf, .docx or some other indicator that you were accessing a file, not a webpage.
- WAFP staff does not use its email addresses in lieu of a name, as this email does in the closing.
Unfortunately, this is a very common practice from scammers. WAFP – and any other legitimate organization – has very little power to prevent scammers from using our contact information in such a way.
- Your email address or phone number is different from the one you gave to that company.
- The message looks significantly different than other messages that you’ve received from the company.
- The message request personal information, like a credit card number or account password.
- The message is unsolicited and contains an attachment.