Many Metro MLS Members received a Spam e-mail that appears to come from the Metro MLS Administrative Staff. Please disregard this e-mail - Please do not respond!

This e-mail was a classic example of Phishing. Phishing is a targeted spam e-mail used by a bad actor to get to a particular audience, in this case the Metro MLS membership. 

This e-mail was not sent by Metro MLS. The e-mail From [email protected] was spoofed meaning someone made it appear that the e-mail was sent from the Metro MLS admin department; a sharp eye however, reveals a different reply to address, [email protected] . (the address has already been reported to google as spam sender)

A bogus "reply to:" e-mail address is the first sign something is wrong, other clues are: The missing salutation (who is the intended recipient?), The vague request with no details (which dates?, which amounts? Which invoices?) and the oddly constructed sentences.

The e-mail as received by one of our members:

Here is the exposed reply to: address:

How did this bad actor get my e-mail address? It's almost impossible to tell, the source could be one or many sources including any public or private rosters, referral service databases, hacked e-mail accounts and compromised computers with contact data on them.

What was the intention of this Spam e-mail? The intention is hard to tell, the e-mail has no malicious links or attachments, just a vague request to confirm information. A best guess would be that the bad actor hoped to get a dialog going that would possibly end up with the bad actor requesting payment information or credentials to verify account info.

Thanks for your attention - and here is an example of a real Metro MLS Signature: