Magdalena Stoeva, PhD
Chair Medical Physics World Board, IOMP

Beware of phishing emails

It is periodically brought to our attention that medical physicists get email from the President, IOMP or other Officials of IOMP. The initial email typically will be looking innocuous and appears social. You are tempted to respond as coming from President. Then starts the request to help in transferring money to some person or country.

At the outset, it may be born in mind that President, IOMP never sends an email to anyone regarding money matters. It is the office staff or the Treasurer.  Thus never get duped by such an email.

Why we fall for phishing emails — and how we can protect ourselves

Phishing emails can be identified in various way. See below basic instructions how to identify such emails:

• Identify that the ‘From’ email address matches the display name. The from address may look legitimate at first glance, but a closer look in the email headers may reveal that the email address associated with the display name is actually coming from someone else.
• Make sure the ‘Reply-To’ header matches the source. This is typically hidden from the recipient when receiving the message and is often overlooked when responding to the message. If the reply-to address does not match the sender or the site that they claim to be representing, there is a good chance that it is forged.
• Find where the ‘Return-Path’ goes. This identifies where the message originated from. While it is possible to forge the Return-path in a message header, it is not done with great frequency.
• Check the Email Header Information – the email headers contain a significant amount of tracking information showing where the message has traveled across the Internet.

Use the above suggested tips on identifying a phishing message and if still unsure, report the message to info@iomp.org .