Anonymous wrote:

Anonymous wrote:

Anonymous wrote:At my law firm we have cyber security training twice a year. Two things have been burned into my brain as red flags - an urgency of time, and large sums of money.

There are other red flags of course, but those are the two that always pop out to me. My firm sends out phishing emails to us to check if we fall for them or report them as a phish alert (we are to hit the Phish Alert Report button on any email we're unsure of).

Two weeks ago I got an email from my manager telling me a client wanted me to review them and I was to click a link, enter my username and password and then would get a link to the survey. When I double-checked what the email address was it said Manager@LawFirmName.com. And I thought "but we have SO MANY managers here - they wouldn't have given him that email address, it doesn't follow our format." Then I realized his email didn't say which client it was. Never mind how weird it would be for a client to ask their attorney's legal secretary to review them.

So there are red flags. You just have to listen louder to them than whatever the person on the phone or in the email is telling you.

So smart. Good for them.

I work at a university--our tech team does the same. It's very helpful.

When I mentioned to our General Counsel about the email from my manager and that I reported it, he thanked me and said one of my colleagues fell for it and cost the law firm $60,000. Yikes!

Anonymous wrote:

Anonymous wrote:At my law firm we have cyber security training twice a year. Two things have been burned into my brain as red flags - an urgency of time, and large sums of money.

There are other red flags of course, but those are the two that always pop out to me. My firm sends out phishing emails to us to check if we fall for them or report them as a phish alert (we are to hit the Phish Alert Report button on any email we're unsure of).

Two weeks ago I got an email from my manager telling me a client wanted me to review them and I was to click a link, enter my username and password and then would get a link to the survey. When I double-checked what the email address was it said Manager@LawFirmName.com. And I thought "but we have SO MANY managers here - they wouldn't have given him that email address, it doesn't follow our format." Then I realized his email didn't say which client it was. Never mind how weird it would be for a client to ask their attorney's legal secretary to review them.

So there are red flags. You just have to listen louder to them than whatever the person on the phone or in the email is telling you.

So smart. Good for them.

I work at a university--our tech team does the same. It's very helpful.

Anonymous wrote:Hate to admit this, but I too fell for a scam; thought that i could beat the local casino at blackjack.

I hope they at least gave ya a few free drinks

Anonymous wrote:At my law firm we have cyber security training twice a year. Two things have been burned into my brain as red flags - an urgency of time, and large sums of money.

There are other red flags of course, but those are the two that always pop out to me. My firm sends out phishing emails to us to check if we fall for them or report them as a phish alert (we are to hit the Phish Alert Report button on any email we're unsure of).

Two weeks ago I got an email from my manager telling me a client wanted me to review them and I was to click a link, enter my username and password and then would get a link to the survey. When I double-checked what the email address was it said Manager@LawFirmName.com. And I thought "but we have SO MANY managers here - they wouldn't have given him that email address, it doesn't follow our format." Then I realized his email didn't say which client it was. Never mind how weird it would be for a client to ask their attorney's legal secretary to review them.

So there are red flags. You just have to listen louder to them than whatever the person on the phone or in the email is telling you.

So smart. Good for them.

Anonymous wrote:

:::

Anonymous wrote:Being asked to buy gift cards or wire money should be a huge red flag.

Agree. Your boss will never ask you to rush to buy some giftcards online to give clients. That's a TERRIBLE client gift.

Anonymous wrote:do you not understand that anyone on the internet today will say anything to get a click or a repeat post like this? And you believe it?

+1. be more sensible about what you read and repost. there is a lot of garbage out there. not all of it needs to be reposted here.

Hate to admit this, but I too fell for a scam; thought that i could beat the local casino at blackjack.

Being asked to buy gift cards or wire money should be a huge red flag.

:::

I’m treasurer for our PTO and engaged in multiple back and forth emails with our PTO President who was asking me to pay an invoice using Venmo or Zelle to avoid a late fee. I told her that we’d rather pay the late fee than skip our (multi-layered) approval processes.

It took me until literally the next day to realize I wasn’t engaging with the actual PTO President, it was someone else who spoofed her account. And I work for a cybersecurity company!!

At my law firm we have cyber security training twice a year. Two things have been burned into my brain as red flags - an urgency of time, and large sums of money.

There are other red flags of course, but those are the two that always pop out to me. My firm sends out phishing emails to us to check if we fall for them or report them as a phish alert (we are to hit the Phish Alert Report button on any email we're unsure of).

Two weeks ago I got an email from my manager telling me a client wanted me to review them and I was to click a link, enter my username and password and then would get a link to the survey. When I double-checked what the email address was it said Manager@LawFirmName.com. And I thought "but we have SO MANY managers here - they wouldn't have given him that email address, it doesn't follow our format." Then I realized his email didn't say which client it was. Never mind how weird it would be for a client to ask their attorney's legal secretary to review them.

So there are red flags. You just have to listen louder to them than whatever the person on the phone or in the email is telling you.

Everyone on twitter is ragging on this woman for falling for such a stupid scam and I think they’re missing the point. Scammers use isolation/urgency/fear to make people panic and stop them from using their minds. It is nuts that a financial columnist fell for such a ridiculous scam, which goes to show what can happen when you aren’t thinking straight!

do you not understand that anyone on the internet today will say anything to get a click or a repeat post like this? And you believe it?

super easy to rag on this woman -

but my own husband fell for one of these online scams in a bad moment. ended up buying a couple thousand dollars in gift cards, made a couple of bank transfers - finally i realized what was happening and literally hung up his phone. but it was insane - it was just insane. i couldn't believe it happened.

luckily it wasn't $50k - gd forbid! - but it was a couple thousand dollars. i am still really shaken up that he fell for this - and it did make me worry that any of us could be vulnerable to something like this if it's the right scam at the wrong moment.

all that said - i don't see how this person can be a financial advice journalist after this!

i do think she'll get a book deal worth more than $50k.