All Collections
Notices
Phishing Email Trend Regarding Project Work
Phishing Email Trend Regarding Project Work

Certified Consultants being targeted

James Trujillo avatar
Written by James Trujillo
Updated over a week ago

As many of Certified Consultants know, from time to time, bots or programs will scrape the Certified Consultant Listing page to obtain names and emails of consultants that have chosen to post on the listing. With this public facing information, bots have and will scrape the page for information that they can use just like they do on many other public facing pages, in order to use for their own malicious means. In case you want to know more about scraping: https://www.techopedia.com/definition/5212/web-scraping

However, this one has taken a very specific approach as it has targeted those that have promoted themselves as a "consultant" so that the phishing email could solicit a response from the consultant to "work on a project." Avoid responding to this email to ensure that the third party doesn't know that the email is a good email address. In case you want to know more about phishing: https://www.techopedia.com/definition/4049/phishing. More advice to protect yourself and your systems: https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams.

The subject line will often have "Hello" the name of the consultant and "Facilitator" or "Consultant" to give some sort of credibility to the email.

Here is an example of the content found in the body of the email message:

"I saw your profile in ( www.kolbe.com ) and I decided to use this means to inform you of the project I have at hand, ofwhich would like you to be a part.could you please respond back before I go further."

The other version that is out there may also replace "www.kolbe.com" with "www.warewithal.com" as the Certified Consultant Listing was also hosted on warewithal.com until early 2023.

You can also find additional information regarding this kind of phishing with this Google Search: https://www.google.com/search?q=joydku1%40gmail.com&oq=joydku1%40gmail.com&aqs=chrome..69i57j69i58.11383j1j4&sourceid=chrome&ie=UTF-8

Remember, the best practice when posting public information is to use a generic email and to always be cautious about the email received from such places.

Did this answer your question?