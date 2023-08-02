It can happen to anyone. Phishing scams are getting more sophistica ted, and even savvy professionals can fall victim to them.

It would be easy to dismiss the swindle that took the New York Assembly Republican’s campaign committee for $55,000 back in December with a superior-minded “tsk, tsk.” But whoever did this was smart. The perpetrator mimicked email addresses of Assembly Republican campaign staffers, and used methods that mirrored the committee’s typical internal operations and practices.

That’s how phishing works; it lures its prey through looking like a known and trusted communication. Those who fall for these scams often end up providing access to bank accounts or taking part in bogus online transactions.

In this case, the Assembly Republican committee wired $55,000 to a company called “Portland & Cromwell Consulting.” It was a scam company imitating a legitimate enterprise and it doesn’t look like the money is retrievable. But it could have been worse; the committee managed to evade a number of similar fraudulent attempts that occurred at the same time.

It’s similar to what happened earlier this year to North Carolina gubernatorial candidate Attorney General Josh Stein, a Democrat, who lost $50,000 in a fraudulent wire transfer made mistakenly by a campaign vendor. Keep in mind that the offices of attorneys general are often the entities that prosecute such scammers. Clearly, no one is immune.

Constant vigilance is required to keep from becoming a phishing statistic; according to the FBI, 300,497 phishing victims lost a total of more than $52 million in 2022.

It’s important to keep up to date with the latest phishing strategies, especially as they become more sophisticated, but, overall, making it a policy never to give out financial and personal information – such as account numbers and Social Security numbers – over the phone or internet is a good basic rule.

Here is Citibank’s advice: “Always independently verify emails and telephone numbers before engaging in any dialogue, and never click on any links or open attachments contained within unsolicited emails. Ensure your devices have up-to-date operating systems and antivirus software.”

With online phishing scams, it pays to be paranoid.

