Email Phishing Scam Targets TxDMV Temporary Tag System
TxDMV has implemented numerous temporary tag controls and shut down most of the illegal sale of temporary tags in the past year. However, fraudsters have recently shown they are still looking for new ways to access temporary tags. Specifically, fraudsters are resorting to sending phishing emails. TxDMV recently received two separate reports of email-fraud posing as TxDMV. Both of the emails appear to be sent from firstname.lastname@example.org using ‘TxDMV eLICENSING' as the email account name.
“Welcome to the Texas Department of Motor Vehicles (TxDMV.) webDEALER | eTag System. The webDEALER|eTAG system is designed to make processing dealer tags fast and easy for dealerships, please note that you are required to provide additional information in order to continue to make use of the webDEALER | eTAG system and also to prevent your account from fraud. To access your account, please click on the link below to Update your profile”. TIADA recommends being extra vigilant as other state and federal agencies have experienced phishing schemes targeting dealers. If you and your employees have not already taken a course designed for compliance with the revised Safeguards Rule, you should not wait until the June 9 deadline and get on it right now, as compliance with the Safeguards Rule is just one of the numerous reasons you should be taking a course. Here are some tips related to phishing that are from TIADA's Safeguards Rule on-demand education.
TIPS TO AVOID PHISHING SCHEMESPhishing emails and text messages may look like they're from a company you know or trust. They may look like they're from a bank, a trusted vendor, a credit card company, a social networking site, an online payment website or app, or an online store.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:
- say they've noticed some suspicious activity or log-in attempts
- claim there's a problem with your account or your payment information
- say you must confirm some personal information
- include a fake invoice
- want you to click on a link to make a payment
- say you're eligible to register for a government refund
- offer a coupon for free stuff
WHAT TO DO IF YOU SUSPECT A PHISHING ATTACKIf you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?
If the answer is “No,” it could be a phishing scam. Remember the tips to avoid phishing schemes discussed previously. If you see them, report the message and then delete it.
If the answer is “Yes,” contact the company using a phone number or website you know is authentic, not the information in the email. Attachments and links can install harmful malware.
HOW TO REPORT PHISHINGReporting a phishing email is essential in combating fraud. To report a phishing email, you should forward it to the Anti-Phishing Working Group at email@example.com. If you suspect you received a phishing text, you can forward it to SPAM (7726).
And report all phishing attacks to the FTC at ReportFraud.ftc.gov.
WHAT TO DO IF YOU RESPONDED TO A PHISHING ATTACKIf you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer's security software. Then run a scan.
This information about phishing attacks appears in TIADA's course, “Dealerships and Customer Information: Complying with the Safeguards Rule.” To stay compliant with the FTC's Safeguards Rule, dealers are now responsible for ensuring their employees are trained in protecting customer information. For more information about the course, please watch our video or visit https://www.txiada.org/safeguards-rule, or enroll today on the Dealer Education Portal.