The fake emails in question specifically referenced the Jersey Financial Services Commission’s Jill Britton and encouraged the recipients to open a PDF attachment with a sense of urgency.
The JFSC described it as a “phishing” scam in a message to members – a type of scam where individuals are deceived into revealing sensitive information about themselves or their businesses or installing malware.
The fake emails came from jill.britton@mail-jerseyfsc.org – an address that does not belong to the watchdog or follow its usual format.
“The JFSC’s official email format is firstinitial.lastname@jerseyfsc.org. If you receive an email from a sender where their email address ends with anything other than @jerseyfsc.org, it is fake, should not be responded to, and any attachments should not be opened,” the watchdog said.
“If you have any doubt as to the authenticity of any email received from the JFSC, before replying to it, and especially before opening any attachments, you should take additional steps to verify that the sender is legitimate.”
ADVICE…
Industry members are now being encouraged by the JFSC to:
- “Check JFSC email correspondence matches the official JFSC format and email domain i.e. firstinitial.lastname@jerseyfsc.org
- “Contact your IT and/or information security teams for advice
- “Call the JFSC on +44 (0)1534 822000 and asking to speak to the individual who sent, or appears to have sent the message, in order to verify its legitimacy.”