Scammers are sending emails from someone claiming to be Bishop Halaas. Remember, no one from the synod staff will ever send an email asking you to send gift cards, perform "some tasks" or vaguely ask you for a "favor."
The Synod staff is constantly balancing the needs of a public church to openly share information and protect your privacy. So, we ask you to please follow these cyber safety guidelines:
- Always check the sender's email address. You can usually do this by hovering over the sender's name (without clicking on the address). Emails from the Bishop will always come from her @wisynod.org email.
- Delete any suspicious emails. Do not reply to them. Several of the scammers ask for gift cards or money in a second follow-up email, after an initial vague request for an immediate favor.
- When in doubt, don't reply or respond. You can always call the office to follow up on an email in question. If you have doubts, call first.
- Don't ever click on any links in a suspicious email.
- Never include personal or financial information in an email.
- If you don’t change your password regularly, do it today
- Avoid posting emails, list of emails, or documents containing emails without protection on websites / social media
- Avoid using personal or free Email addresses such as Gmail, Yahoo, etc., these are more vulnerable and easy to fake with look-alikes
- Implement two-step verification (e.g. email and phone call) for any financial transactions or wire transfers
- Provide security awareness training to staff and rostered leaders. Here is a link to a webinar that we conducted in April that may be a good starting place, https://www.elca.org/Resources/Information-Technology#Webinars We also have a good phishing avoidance piece posted on ELCA.org.
- Implement defensive security and email controls
- Report to Law Environment: Provide details of attacks to FBI, they may correlate any small cases with larger cases. Here is the link: https://www.ic3.gov/default.aspx.