Suspicious NASBA-Themed Phishing Emails
We want to make licensees aware of a recent phishing campaign targeting individuals associated with several state boards of public accountancy.
These emails appear to come from a NASBA-related source (e.g., “NASBA Enforcement Division”) and use urgent language, including threats of disciplinary or license-related action, to pressure recipients into clicking links or providing sensitive information.
This email is not from NASBA, and there is no indication that NASBA systems were involved. NASBA does not have an Enforcement Division. It is a phishing attempt using NASBA’s name to pressure recipients.
Please remember the following:
- Do not click links or open attachments in unexpected or suspicious emails.
- Do not reply or provide login credentials or personal information.
- Be cautious of messages that create urgency, threaten disciplinary action, or demand immediate responses.
- Carefully verify the sender’s email address and domain, even if the message appears to come from a trusted organization.
- Report suspicious emails through your normal IT or security process.
- If you have already clicked a link or responded to a suspicious email, contact your IT or security team immediately.
When in doubt, contact the New Mexico Public Accountancy Board before responding to such messages.
