Skip to content
Spring Insight
  • What we do
    • Marketing Support
    • Website Creation
    • Website Maintenance
    • Local SEO
  • Who We Serve
  • About
    • Our Difference
    • Our Team
    • Approach
    • Web Accessibility
  • Our Work
  • Blog
  • Capabilities
Schedule a Consultation
Schedule a Consultation
Spring Insight
  • What we do
    • Marketing Support
    • Website Creation
    • Website Maintenance
    • Local SEO
  • Who We Serve
  • About
    • Our Difference
    • Our Team
    • Approach
    • Web Accessibility
  • Our Work
  • Blog
  • Capabilities
"Illustration of a masked thief holding a folder with a silhouette, standing in front of a computer monitor displaying a 'Team Page' with a thought bubble showing a red devil face. The text reads 'Bad Guys Can Weaponize Your Team Page' and includes the Spring Insight logo in the top right corner."

How Bad Guys Weaponize Your Team Page

By Penny Barrentine | July 18, 2024

Hey everybody! I’ve got a quick story for you about how someone tried to use our team page to defraud my company. Spoiler alert: it didn’t work, but it was a close call and a learning experience I wanted to share with you all.

For the full video experience, check out the video where I recount the whole saga.

The Great Team Page Heist (Almost)

So here’s what happened. We received an email that was sent to Penny, our virtual office manager. It was supposedly from Kristen, a member of my team, asking to change her direct deposit details before the next pay period. 

The email looked sort of convincing at first glance – I mean, these scammers did their homework to figure out the right names and people within the organization, right? But luckily, Penny is sharp. She expanded the email details, noticed the sketchy email address, and reached out to the real Kristen, who confirmed it was a scam.

The Red Flags and the Reveal

The scammers put some effort in to pull this thing off. They went on our team page, identified Penny as the person likely to be in charge of payroll, and crafted an email that looked pretty convincing. But here’s the kicker: they didn’t do a perfect job. Even though it was close, Penny’s diligence saved us. She checked out the email address (not just the “from” name) and verified the request with Kristen, who quickly shot down the scam.

Lessons Learned and Pro Tips

Now, you might be wondering if this means team pages are a bad idea. Should you ditch them? Absolutely not. Your team page is important. For subject matter experts such as yourself, It’s usually the second most visited page on your website because people want to know who they’re dealing with. It builds trust and credibility. It also helps prospective clients get to know you and your team as human beings. 

But you’ve got to be smart about it. Here’s how:

  1. Ditch the Direct Email Links: It’s best not to put anyone’s email address on your website. Instead, use a contact form that sends emails without exposing addresses. This way you can have more than one set of eyes on incoming emails and would-be scammers won’t get direct access to your team’s inboxes. 
  2. Train Your Team: Make sure everyone knows how to spot phishing attempts. A little skepticism can go a long way and in our case, that skepticism stopped the bad guys before any harm could be done. 
  3. Double-Check Requests: Always verify unusual requests, especially those involving money transfers or sensitive information changes. A quick check can save you a ton of trouble.

Final Thoughts

In this digital age, a bit of caution can save you a lot of headaches. Your team page can still be a valuable asset without being a target for scammers. Just be smart about presenting contact information and keep your team vigilant.

If you’re looking to create a robust website that showcases your team and keeps the bad guys at bay, Spring Insight has got your back. Book a complimentary consultation with us today and let’s make your digital presence shine without the shady side effects.

Stay safe out there, and remember: trust, but verify!

Want more details? Watch the video for the full scoop and subscribe to our channel for more tales from the digital frontier. Ready to take your website to the next level? Visit Spring Insight and schedule your free consultation now.

Enjoy this content?

We write blog posts twice monthly to keep you smart. Our particular areas of focus are web strategy, online marketing, and the intersection of psychology and online business. Don't leave reading our updates to chance. Sign up for our newsletter (or even better a free marketing or web assessment.) I promise we will never overuse your email address.

Sign Up
Posted in Digital Marketing Strategy, Erika's Musings, Marketing Strategy, Small Business Basics and tagged protect team page from social engineering attacks
← Your Website: The Core of Your Digital Marketing StrategyIs Your Website Open for Business? How to Tell (And Show) Your Visitors →

Blog Archive

Search

Categories

Archive

Get targeted

feedback

with our free

Audit

SI-quiz-icon Go

Schedule a

Free Assessment

mac Go

NAICS Codes (MBE/DBE/SBE):

541430: Graphic Design Services

541490: Other Specialized Design Services

541511: Custom Computer Programming Services

541613: Marketing Consulting Services

541611 Administrative Management and General Management Consulting Services

CERTIFICATIONS:

Maryland MBE/DBE, SBR

Montgomery County, MB LSBRP

Our Capabilities

Review Our Capabilities

Additional Resources

  • Site Map
  • Terms and Conditions
  • Privacy Policy
  • Cookie Consent
  • AI Policy
  • Web Accessibility
  • Client Login

Get In Touch

202.643.8828

info@springinsight.com

Maryland department of transportation (mdot) logo signifying mbe/dbe/sbe certification.
A circular seal for montgomery county, maryland, indicating certification for the local small business reserve program (lsbrp), with a prominent checkmark symbolizing approval or certification.

© 2014-2025 Spring Insight Marketing LLC. All Rights Reserved. 202.643.8828