Thanks to our colleagues at IATSE we have recently become aware of a(nother) phishing scam looking for cast & crew for a project shooting in the area. The company is called Hurrah Production and is based out of Singapore.
The message attached below is a phishing scam.
Please do not respond to that email.
The email is being reported to the OMPA and reported to the US Dept. of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA)
The IASTE encourages all to make their own report by following the directions below:
Report Phishing Sites
US-CERT partners with the Anti-Phishing Working Group (APWG) to collect phishing email messages and website locations to help people avoid becoming victims of phishing scams.
You can report phishing to APWG by sending email to [email protected].
What Is Phishing?
Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.
Learn More About Phishing
The following documents and websites can help you learn more about phishing and how to protect yourself against phishing attacks:
- Avoiding Social Engineering and Phishing Attacks
- Protecting Your Privacy
- Understanding Web Site Certificates
- Anti-Phishing Working Group (APWG)
- Federal Trade Commission, Identity Theft
- Recognizing and Avoiding Email Scams
Methods of Reporting Phishing Email to APWG
- In Outlook Express, you can create a new message and drag and drop the phishing email into the new message. Address the message to
[email protected]
and send it. - In Outlook Express you can also open the email message* and select File > Properties > Details. The email headers will appear. You can copy these as you normally copy text and include it in a new message to
[email protected].
- If you cannot forward the email message, at a minimum, please send the URL of the phishing website.
* If the suspicious mail in question includes a file attachment, it is safer to simply highlight the message and forward it. Some configurations, especially in Windows environments, may allow the execution of arbitrary code upon opening and viewing a malicious email message.
Also here is a link to great article on the phishing happening in our industry
You may also report emails like this to Federal Trade Commission:
How to Report Phishing
If you got a phishing email or text message, report it. The information you give can help fight the scammers.
Step 1. If you got a phishing email, forward it to the FTC at [email protected] and to the Anti-Phishing Working Group at [email protected]. If you got a phishing text message, forward it to SPAM (7726).
Step 2. Report the phishing attack to the FTC at ftc.gov/complaint.