Email Safety in the Diocese of Portland

In 2021, phishing scams continue to occur on a regular basis. On occasion, emails or texts claiming to come from the bishop, pastors, or other staff members are received, but the messages are not actually from them. Their email has not been hacked however, as scammers create email accounts with fraudulent information, so that it appears to be coming from a known recipient. Typically, these are coming from @gmail.com addresses. Never follow links, open attachments, or reply to suspicious or unsolicited messages. These phishing emails and texts are attempts by scammers to trick you into giving out personal information such as your bank account numbers, passwords, credit card numbers, or most common, to purchase gift cards.

How to Identify Phishing Scams

  • The sender’s email address or phone number doesn’t match the name of the company that it claims to be from.
  • The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
  • The message invites you to click on a link.
  • The message looks significantly different from other messages that you’ve received from the company/person.
  • The message requests personal information like a credit card number or account password.
  • The message is unsolicited and contains an attachment

What You Can Do

  • Do not send any personal information over email such as your bank or credit card accounts/passwords/login information, etc.
  • You may verify the sender's address by hovering over the name or clicking the email details in the "from:" column to see the email address. As an example, the email says it’s from Father John, but the email address listed is from [email protected]. That is not a valid email from Father John, who will always send emails from an @portlanddiocese.org address.
  • If an email seems suspicious or questionable, always call the person or parish that sent the email to verify that they sent it.
  • Hover your mouse over any links embedded in the body of the email. If the link address looks strange, don’t click on it.
  • In general, never click links from unsolicited emails.
  • Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords, or spy on you without your knowledge. Don’t open any email attachment you were not expecting.

Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, it does not mean that it’s legitimate. Be skeptical when it comes to your email messages. If it looks even remotely suspicious, don’t open it. This is a good practice to keep in mind for not only diocesan emails but also from your family, friends, or any other contacts you have.

How to Report Phishing

If you recieve a phishing email or text message, report it. The information you give can help fight the scammers.

  1. If you receive a phishing email, forward it to the Anti-Phishing Working Group at [email protected].
  2. If you receive a phishing text message, forward it to SPAM (7726).
  3. Report the phishing attack to the FTC at ftc.gov/complaint. Read the full page from the FTC by clicking here.

Additional Resources