February 24, 2017
Following reports of businesses and attorneys across the city receiving e-mails from a sender claiming to be The Department of Consumer Affairs, the agency is issuing an alert warning New Yorkers not to open, respond to, or forward any such e-mails. The contents of the e-mail allege that a complaint has been filed against the business or attorney and contain a document attachment that purports to be the complaint.
DCA is advising any New Yorker that receives a communication from “firstname.lastname@example.org” or any other email address claiming to be from DCA that does not end in “@dca.nyc.gov” to delete it immediately. These emails are scam attempts and should not be opened, responded to, or forwarded. Recipients should not open links in these emails, download any attachments, or provide any personal information requested.
DCA encourages all New Yorkers to always remain on alert and follow best practices for protecting yourself from phishing scams:
- Avoid giving out personal information on social networking sites such as Facebook and LinkedIn and set your privacy and security settings at the most restrictive levels for these sites. This limits the information scammers can gather about you (which can be used against you in a phishing attack).
- Open web pages from bookmarks which you have personally set or, even better, by typing in their URLs.
- Since email addresses can be "spoofed" (faked) you should be cautious with all emails you receive, including those which appear to be from friends and "trusted entities." Ask yourself whether the email is really from whom it appears to be and if you are unsure, contact the sender by telephone to verify the message. Do not respond to unsolicited emails requesting personal information nor to those which ask you to "verify your information" or "confirm your user ID and password."
- Be cautious with links contained in emails, even from friends and sources you normally trust. Do not open any attachments contained in suspicious emails and do not respond to unsolicited pop-ups.
- Do not participate in chain-letters (chain emails).
- If an email appears to be a phishing attack, do not respond to it and, except for reporting it, do not forward it. Instructions for reporting phishing attacks to the Federal Trade Commission are available at this link - Reporting spam to the Federal Trade Commission: https://www.consumer.ftc.gov/