Cyber Smart Investor Series: Protecting Your Digital Stewardship
If you’ve been on the internet for more than five minutes, you’ve probably met him:
The international prince who desperately needs your help moving $1 million. He promises to split it with you if you send your bank details.
Most of us rolled our eyes, laughed, deleted the email, and moved on.
But scams aren’t that clumsy anymore.
Cybercriminals have become skilled social engineers, creating fake websites and emails that look like your bank, your pastor, your investment partner, even the ministries you love to support.
At CDF Capital, we believe wise digital stewardship is part of protecting what God has entrusted to you. Just like you safeguard your financial investments, guarding your online presence is essential in today’s digital landscape.
What Is a Phishing Attack?
A phishing attack is a fraudulent message designed to trick you into sharing confidential information: passwords, credit card numbers, login details, or anything else a cybercriminal can use. The scammer poses as a legitimate organization, often copying logos, tone, and even email formatting so convincingly that the message looks indistinguishable from the real thing.
The scammer’s goal is simple: make you click before you think.
These scams don’t just steal money. They erode trust and compromise entire organizations.
Seven Red Flags to Watch for in Any Email
Here’s where scammers succeed: not in fooling your technology, but in fooling you. They use emotion and trust to prompt urgent action before you’ve had time to think.
When it comes to identifying a phishing attack, Rob Bedley, our Director of Technology Services, shares this important advice:
“Be cautious of emails that convey a sense of urgency. When someone in an email is urging you to act now, it’s usually an indication that it’s a malicious message.”
Before you open or click anything, pause and scan for these quick red flags.
- Unexpected Urgency. Words like “act now,” “limited time,” or “account suspended” are meant to trigger panic.
- Generic Greetings. “Dear Investor” or “Dear Member” is a subtle clue. It’s not proof, but a clue.
- Slight Misspellings. Look for small variations in email domains or URLs. These are classic signs of spoofing.
- Attachments You Weren’t Expecting. PDFs, ZIP files, or Excel sheets from unknown sources you weren’t expecting.
- Requests for Confidential Information. No legitimate financial or ministry organization will ask for your password or PIN via email.
- Odd Timing. A midnight message about an immediate security action is almost always fake.
- Mismatched Sender Name and Address. The name may read “CDF Capital Support,” but the actual email might come from a Gmail account.
How to Verify Legitimacy Before You Click
If you aren’t sure what to do with an email, here’s your checklist:
1. Contact the Organization Directly
Do not reply to the email. Do not use the phone number in the email. Find the official website on your own and use the contact information there.
2. Check the Digital Certificate
If you end up on a website, make sure it starts with https:// and shows a padlock icon. If there’s no padlock, don’t proceed.
3. Check for Suspicious Links
Tools like Google Safe Browsing or VirusTotal can flag malicious links immediately.
4. Enable Two-Factor Authentication
A scammer can’t log in with just your password. This single step stops most attacks cold.
5. Keep Your Devices Updated
Patching software isn’t glamorous, but it closes vulnerabilities before criminals exploit them.
Wise Stewardship in a Digital World
At CDF Capital, we take cybersecurity seriously and want you to do the same. If you ever receive an email claiming to be from us that seems suspicious, do not click on it. Reach out to us directly. We are here to help.
Stay alert.
Stay wise.
Stay Cyber Smart.
