A boss scam is a phishing (email) or smishing (text messages) scam used by hackers. Hackers send fraudulent emails or texts in the boss scam, impersonating your boss or another executive. Information gathered through such scams can then be used for illegal activities and identity theft.
The Better Business Bureau has warned the public to be careful when opening messages and emails from their boss as it can be an impersonator. Since email compromise scams such as boss scams are on the rise, it is imperative to be cautious while conducting transactions.
Here is more information on how to help avoid boss scams and where to report these scams.
How Does a Boss Scam Work?
A fake boss email or text scam works by hackers impersonating business executives or bosses. Cybercriminals gain access to official mailboxes and, through them, employee email IDs, personal information, and phone numbers by hacking into an executive’s mailbox.
Hackers then use these official IDs to send emails or texts to employees. Cybercriminals can ask for funds, gift cards or even personal information under the ruse of official business. Since the message comes from an official mailbox or number, unsuspecting employees fall prey to the hackers’ tactics.
Tips to Avoid Scams
Although it can be easy to become a victim of such legitimate-looking scams, there are a few things you can do to help protect yourself. Here is a list of tips you can use to help avoid boss scams:
- Verify Emails: Some scammers do not hack into the official mailbox but use a similar email ID instead with minor differences that often go unnoticed. If you sense that the email address seems suspicious, verify it from your boss or the HR department.
- Do Not Fall into Urgency: Scams often create a fake sense of urgency to get you to send them the required details as quickly as possible. Instead, take some time to rethink the importance of the email and if the matter is urgent.
- Rethink The Message: If something does not seem right about the email, your gut feeling is probably right. If the email or text seems contradictory to what your boss might say, always re-check with them through an alternative mode of communication before completing the task. For example, your boss or business is likely not to do business through gift cards or ask you to purchase them.
- Verify Before Completing Transactions: Before going ahead with transactions that seem dubious, always double-check with your boss.
- Beware Of Unverified Links: Do not click on any links that may come with emails that seem out of place, nor should you enter personal information such as passwords to pages that open from these links.
Where to Report Boss Scams
If you have come across a boss scam, you should report it immediately. Here is where you can report boss scams:
- You should report the scam to your boss and IT department.
- You can report the scam at Internet Crime Complaint Center (IC3).
- Call US-CERT at 888-282-0870 or email at [email protected].
- You can report identity theft at www.IdentityTheft.gov.
- If applicable, you can also report the fraud to Federal Trade Commission at www.ftc.gov/complaint.
- If you feel that your Social Security number has been compromised, then you can contact the Social Security Administration (SSA) at 1-800-772-1213.
Bottom Line
Being a scam victim can be worrisome. There are numerous resources to help you solve this dilemma. The government is swift to take action in fraud and identity theft cases, provided you approach the concerned authorities in time. However, if you want to take further precautions and protect your identity, you can sign up with an identity theft protection service.