ALTA is alerting its members to delete a phishing email that includes an attachment letter that needs to be certified.
The email appears to come from Michelle Korsmo, ALTA’s former chief executive officer. Another red flag is that the email address is @alta-online.org. ALTA’s email domain is @alta.org.
ALTA encourages you delete the email. Do not open the PDF. In addition, you should block the domain of the email or the IP address that it is coming from. Once the scammers catch on, they will likely switch email domains. If you have replied to the email, the phisher may use the reply as an opportunity to send a malicious email. If a reply was sent, do not open the email, attachments or links. If you have internal IT staff, consult with them if you have opened any attachments or links.
You can be sure that your information is safe. This is a phishing email and ALTA's system was not breached. The email did not originate from ALTA or any of its systems. The domain was registered by the spoofer/ phisher through GoDaddy. A Google Business email account was used to send the email. The email originated from an IP address owned by Google. Google and GoDaddy have been informed of this spoofing attempt.