We have learned that several members have received suspicious emails from senders alleging to be Land O’Lakes, Inc. employees. These are external hackers impersonating Land O’Lakes employees—we suspect the attachments include malware, which can damage or disable your computer or smartphone.
Although we’ve identified the source of these emails and reported the incident to the proper authorities, Land O’Lakes is no different than any other large company in how we see a large varied amount of phishing attacks, including impersonation. Today, all businesses and industries are inundated with phishing attempts to distribute malware, harvest credentials or dupe an unsuspecting person into taking an action under false pretenses.
Mobile users are at the greatest risk of hacking because of the way many mobile email clients display only a sender's name. This makes it especially easy to spoof messages and trick a person into thinking an email is from someone they know or trust.
Although it’s difficult to completely defend against these attacks, there are a few best practices you should follow to help protect yourself from hacking. If you ever receive a suspicious email, refer to these guidelines:
-
Don't click any links: Once you click a link, you invite potential malware/ransomware infection to occur. If you are suspicious of a link, hover over it to ensure where it is directing you is safe.
-
Don't open any attachments you weren’t expecting: Like clicking on a link, once you agree to open an attachment, you open the door to possible harm.
-
Never provide personal information: This includes your user ID, password, bank account information, Social Security Number, etc.
-
Never trust the display name in an email: Impersonating someone else by changing the display name in an email is easy but also easy to detect with proper due diligence. If you are at all unsure, verify the real email address. Please note in the example below that the email address does not match the display name.
Even if the email information looks legitimate but the request seems odd, it's important to verify that the email is authentic. It’s recommended that you report any suspicious email to your email provider:
If you have any questions or think you have received a phishing or impersonation email, you can also contact your local staff representative who will refer the incident to the proper IT Security personnel.