Employer Update

Emails – writing them, reading them, searching for them – account for a sizeable chunk of most people’s workdays. In fact, in a typical workweek, the average person receives 368 emails and sends 130 emails, according to a 2023 analysis by the firm Email Analytics.

In that flood of emails, could you spot the scams?

The numbers merit concern. In its State of Phishing 2024 Mid-Year Report, SlashNext says malicious emails have spiked 856% in the last 12 months. The firm notes a 4,000% increase in malicious email attempts since the launch of the AI tool ChatGPT.

Spot the Scam

Phishing is not new, even if scammers’ techniques have grown more sophisticated:

• Misspellings and bad grammar, especially in the sender’s email address or company name are dead giveaways. However, newer AI-generated phishing emails have cut down on the obvious grammatical mistakes. So, look for inconsistencies in tone, style and vocabulary as well as mismatched signatures or greetings.
• The emails seek sensitive information but provide little context for the requests.
• The requests themselves are often urgent and threatening. “You’ll lose access if you don’t _____.”
• Hovering over the link in the email (there is always a link) typically reveals a suspicious or convoluted website address.

Report the Scam

Not only should you avoid clicking on anything in these types of emails, but you should also report them using your agency’s built-in security tools. Even off the clock you should report suspicious emails you receive in your personal accounts, using the built-in tool for your email provider.

Learn More

• The VRS Security Center has tips for account security.
• The Anti-Phishing Work Group tracks the latest trends.
• The National Cybersecurity Alliance offers resources and guides you can share.