Scammers Use Fake Email to Try to Get Users to Click on Fraudulent Link
The New York State Department of State and the Division of Consumer Protection today warned New Yorkers of an email phishing scheme. These illegitimate emails ask recipients to verify their profile to avoid experiencing delay and future problems in renewing their license. The messages link to a non-listed URL. Anyone who received such an email should delete it right away.
The following is a sample of the emails sent:
From: New York Secretary Of State [mailto:email@example.com]
Sent: Thursday, January 28, 2021 1:21 AM
Subject: Department Of State Important Notice
Effective January 30,2021 Department Of State,Division Of Corporations,State Andrew M Cuomo,Governor,Rossana Rosado.Secretary Of State require that all legally conduct businesses in the state should verify their profile to avoid experiencing delay and future problems in renewing their license in 2021
Please click on Validate Profile below to login to your account and begin the profile validation process.
New York Secretary Of State
Note: This is an automated email. Do NOT reply to this message.
Phishing emails are fraudulent messages scammers use to obtain data or sensitive personal information. That information can be used to commit identity theft or trick the recipient into installing malicious software onto a computer or mobile device.
To help protect against phishing or smishing (SMS phishing) scams, the NYS Office of Information Technology Services (ITS) and the Division of Consumer Protection recommend the following precautions:
- DO exercise caution with all communications you receive, including those that appear to be from a trusted entity. Inspect the sender’s information to confirm the message was generated from a legitimate source.
- DO keep an eye out for telltale signs of phishing – poor spelling or grammar, the use of threats, the URL does not match that of the legitimate site. If the message does not feel right, chances are it is not.
- DON’T click on links embedded in an unsolicited message from an unverified source.
- DON’T send your personal information via text. Legitimate businesses will not ask users to send sensitive personal information through text message.
- DON’T post sensitive information online. The less information you post, the less data you make available to a cybercriminal for use in developing a potential attack or scams.
For more information on phishing scams, as well as steps to mitigate a phishing attempt, visit the NYS Office of Information Technology Services Phishing Awareness resources page at https://its.ny.gov/resources or the Division of Consumer Protection Phishing Scam Prevention Tips page at https://www.dos.ny.gov/consumerprotection/identity_theft/protect_yourself_from_identity_theft/phishing.html.
The New York State Division of Consumer Protection serves to educate, assist and empower the State’s consumers. For more consumer protection information, call the DCP Helpline at 800-697-1220, Monday through Friday, 8:30am-4:30pm or visit the DCP website at www.dos.ny.gov/consumerprotection. The Division can also be reached via Twitter at @NYSConsumer or Facebook at www.facebook.com/nysconsumer