SCAM ALERT: Fake Email to Expose Member Payment and Password Information
Jan 4, 2021 | posted by Jason Nugent
We have received reports of an email scam targeting DirectLink members that seeks to gain access to sensitive payment information. If you receive an email that looks like the image below, do not click on any of the links in the message – this is a scam email.
The fake email claims that members’ payment information needs to be updated in order to avoid service interruptions, and then asks the email recipient to click on a link labeled “My Account” to log in and update their payment method. The landing page for the fake website looks like the image below.
What do I do if I entered my information in the fake site?
If you have already clicked on the scam link and provided information, we recommend the following:
- Contact your bank or credit card institution if you entered payment information into the fake site as soon as possible to see what options are available.
- Call our Member Services Team at 503-266-8111 or 503-845-2291 or visit your SmartHub portal through the main DirectLink webpage to change your DirectLink account password immediately.
- If you happen to use your DirectLink password to log into other websites, we recommend that you change those now as well. In fact, we strongly recommend that you have a different password for every site that requires one. This helps to prevent a scammer who obtains one password to get into other sites using your name. If they become too much to remember, a password manager like LastPass or Google passwords may prove helpful.
How do I protect myself from scams like this?
It is always suggested to verify the legitimacy of an email before clicking a link or providing sensitive personal information. DirectLink routinely blacklists, or blocks, attempts from scammers like this from ever reaching your inbox. However, these malicious groups change their email origin constantly so occasionally one will slip through. We suggest being on alert with all emails that seem suspicious, just in case.
We recommend the following:
- Do not open the email if the message seems suspicious from the preview window. If you do choose to or accidentally open it, verify the sender’s email address. Hover your mouse over the email address, and the true address of origin should be displayed.
- Delete the email.
- Look for language that appears off or suspect. For example, this particular scam email message says at the bottom “Warning: This email was automatically sent to YOU, Please do not reply back to this email.” DirectLink will never tell you not to reply to an email from us or call into our office. We always provide a way to respond or ask us questions with any correspondence.
- Do not click links within the email. However, if you do choose to (or accidentally) click on a link within a questionable email, make sure the link takes you to the official company website with a close look at the URL address. Hover your mouse over the link, and the URL will pop up in the bottom-left corner of your screen. See the image above for an example. If you view emails on a mobile device, press and hold down on a hyperlink, and the URL will appear.
- Do not reply to the sender. Ignore any requests that the sender may ask and do not call phone numbers (if provided) in the message. If you feel that you need to contact the company the scammer is pretending to be, use the methods of communication you already know through official website or phone number on a bill statement or company provided printed material.
- Report it to help others avoid email scams.
- If it is DirectLink specific, call or contact Member Services or Tech Support.
- Use the Federal Trade Commission’s online Complaint Assistant at https://reportfraud.ftc.gov.
Go back to news feed.