Although it’s April Fools’ Day this is not a joke—we’re getting reports of customers receiving an email that looks like the one below.
This IS NOT from TDS and do not click the link. If you have “verified your TDS.net box,” we urge you to change your TDS passwords immediately.
Reminder: TDS will never contact you directly and ask you to verify any part of your account.
Customers are reporting the following phishing scam email:
We have safeguarded your account, there is a possibility that someone other than you is attempting to login your account. As part of our ongoing commitment to provide the best protection to all our customer’s security. We therefore ask you to fill in your online data correctly, in other for us to update the settings in your account, by clicking on this link: http://tds-net pe hu”
Phishing emails like this one can appear to be the real thing, but here’s how you can spot a scam:
1. Look at the sender’s email address. Often this is your first clue something is amiss—if the address doesn’t match the business supposedly sending the email, it’s probably a scam. Today’s email is a perfect example.
2. Look for spelling and grammar mistakes. Frequently cybercriminals make some pretty horrible mistakes (see our previous alert). Sure, mistakes happen even in professional communications, but they’re rare. If you notice errors, it might be a scam.
3. Beware of links. Hover your mouse over any links in a potentially suspicious email. Doing so will reveal the actual web address you’ll be taken to if you click. If the address is a cryptic set of numbers, looks nothing like the web address from the supposed sender, or is actually an .exe file (which could actually be malicious software), you know it’s probably a scam.
4. Don’t fall for threats. Watch for phrases such as “your account will be closed” or “your account has been compromised.” Odds are if either of these were true, you would be contacted in a way other than over email.
5. A company you do business with is asking for information. It’s easier to scam people when they think the email is from a company they already know—just remember the company probably already has (or should have) the information being requested.
A good rule of thumb for unsolicited emails (and phone calls!) is to be skeptical. And, when in doubt, delete the email and reach out the business who “sent” it to see if it was legitimate.