All businesses are vulnerable to social engineering and online fraud, both of which are on the increase. It is important that ERA members are vigilant and familiarise themselves with how to recognise fraudulent emails claiming to be from ERA, so that they can determine whether an email is genuinely from ERA or not.
Social engineering is the art of manipulating people so that they give up confidential information. Some examples of social engineering, and in particular of fraudulent emails, are:
- Phishing emails – these claim to be from genuine businesses requesting that individuals reveal confidential information such as passwords and bank details. They can also contain malicious links that can be used to obtain information if clicked on.
- Spoofing emails – emails where the fraudster disguises the true sender by masking the sender address, so that on the surface the email appears to be sent from a genuine email address, but when you click reply the email address that you reply to changes. If this occurs, it is a possible indication of a fraudulent email.
Genuine ERA emails:
All genuine ERA emails will be sent from the following domains:
- @eraa.org
- @eraa-comms.org
- @events-eraa.org
ERA will never communicate via the following domains:
- @hotmail.com
- @gmail.com
- @aol.com
- @live.com
- @outlook.com
- @yahoo.com
- @accountant.com
- @mail.ru
- @icloud.com
- @outlook.be
This list is not exhaustive and is meant as a set of examples of other domains that fraudsters frequently use.
You should assume that all emails claiming to be from ERA but sent from other domains, such as these examples, are fraudulent. Do not respond to messages originating from these domains claiming to be from ERA. Block the email address and/or domain, delete the message and report any further activity to your internal IT department and also to ReportFraud@eraa.org.
If you are unsure whether a message you have received is a genuine ERA email, please contact ReportFraud@eraa.org.
Tips to stay safe
- If in doubt whether a message is genuinely from ERA, report it to: ReportFraud@eraa.org or contact ERA by telephone.
- Do not click on any links in emails you are not sure are genuine or if they look suspicious.
- Do not download or open attachments in emails unless you are sure they are genuine.
- Do not reply to emails requesting personal information, unless you can check that these are from ERA.
- Do not give out any private information.
- Delete suspected fraudulent emails, report them to your IT department and block the sender email address and domain to block further attempts.
- Does the email ask you to take action urgently? This can be an example of a phishing email.
- Does the email provide details of a new bank account for payment? Fraudsters often say that bank account details have changed and provide new details for payment. If in doubt, check these details.
- Check the email address claiming to be from ERA:
  - When you click reply, does the email address change?
  - Is the domain a commonly used public one, such as @hotmail.com or @gmail.com?
  - Is the email address/domain one of the ones listed below? If so, it will not be a genuine ERA one.
- Check for grammar and spelling errors. Phishing emails often have spelling and grammatical errors.
- Check whether the font used in the email is consistent and of the same size and type.
- If in doubt check with ERA at: ReportFraud@eraa.org
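For IT departments that want to automate the sender checks described above, the following is an added example, not ERA's own code. It applies the page's list of genuine domains and the "does the address change when you click reply" test to raw message headers; the function names and sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Genuine ERA sending domains, as listed on this page.
GENUINE_ERA_DOMAINS = {"eraa.org", "eraa-comms.org", "events-eraa.org"}

# Constructed sample messages (all addresses are made up for illustration).
SAMPLE_GENUINE = "From: ERA Events <events@events-eraa.org>\nSubject: Registration\n\nHello\n"
SAMPLE_REPLY_CHANGES = (
    "From: ERA Finance <finance@eraa.org>\n"
    "Reply-To: finance.era@example.net\n"
    "Subject: INVOICE\n\nPlease pay urgently.\n"
)
SAMPLE_OTHER_DOMAIN = 'From: "ERA Accounts" <era.accounts@example.com>\nSubject: INVOICE\n\nHi\n'
SAMPLE_LOOKALIKE = "From: billing@eraa.org.example.net\nSubject: INVOICE\n\nHi\n"


def address_of(header_value):
    """Return the lower-cased address in a header, ignoring the display name."""
    _, addr = parseaddr(header_value or "")
    return addr.lower()


def check_message(raw):
    """Return a list of warnings for a raw message that claims to be from ERA."""
    msg = message_from_string(raw)
    sender = address_of(msg.get("From"))
    reply_to = address_of(msg.get("Reply-To"))
    warnings = []
    # Exact match on the part after the last "@", so look-alike domains
    # that merely contain a genuine name do not pass.
    domain = sender.rpartition("@")[2]
    if domain not in GENUINE_ERA_DOMAINS:
        warnings.append(f"From domain '{domain}' is not a genuine ERA domain")
    # The spoofing sign from the tips: the reply goes to a different address.
    if reply_to and reply_to != sender:
        warnings.append(f"Reply-To '{reply_to}' differs from From '{sender}'")
    return warnings


if __name__ == "__main__":
    for name in ("SAMPLE_GENUINE", "SAMPLE_REPLY_CHANGES",
                 "SAMPLE_OTHER_DOMAIN", "SAMPLE_LOOKALIKE"):
        print(name, check_message(globals()[name]) or "no warnings")
```

A message with a forged From address on a genuine domain and no Reply-To header passes these two checks, so they complement rather than replace the mail server's SPF, DKIM and DMARC results.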
Suspicious domains and email addresses to be aware of:
The following is a non-exhaustive list of examples of fraudulent or suspicious email domains and addresses that ERA is aware of, which have sent emails claiming to be from ERA or have sent suspected phishing or spam messages.
Examples of suspicious non-genuine email subject lines:
- ERA LOGISTICS SUPPORT REQUEST
- INVOICE
- DELEGATE TRAVEL LOGISTICS SUPPORT