Be Cautious with Malicious Incoming E-Mails

Various members of our community have received malicious e-mails from fictitious/faked/cryptic e-mail addresses, pretending to be somebody of our community, asking for immediate reply to facilitate urgent actions (such as payments, authorization, account verification etc.).

When you get such e-mails, delete them immediately without any further action, especially:

• do not open them
• do not forward them
• do not copy/paste them (make a screenshot instead if needed)
• do not answer/reply (neither to the sender, nor to all e-mail addresses in the e-mail)
• do not click on any link
• do not open any attachment

As the senders e-mail address is visibly not a known one to us, it is unlikely that an e-mail account has been hacked. However the malicious e-mails are sent to many known e-mail addresses in our community. Where do these come from?

Sending e-mails isn't secure, this is well known, because they can be intercepted. Unencrypted and sent via unsecure e-mail servers they are an easy catch. Newsletters to distribution lists sent openly (instead of via BCC only) do visibly spread all the recipient's e-mail adresses to every single recipient. Lists of e-mail addresses from data breaches on other popular platforms such as Survey Monkey, Doodle, Zoom, etc. are being sold in masses for little in the dark net. All of this can happen without any personal e-mail account being hacked. So it's time to become more cautious and more sensitive to these circumstances...

If an e-mail request to you is serious and really urgent/important, you can count on the principle, that if you don't answer it via e-mail, the sender will try to contact you via another channel (phone, mobile, SMS, etc.)!