This email was translated using machine translation. Please forgive us for any inaccuracies.

Check out this month's cybersecurity tip!

Cybersecurity Tip for June 2026

 

Fake WhatsApp Messages Targeting BW Team Members

Just updated your LinkedIn? You may be a target

Several Barry-Wehmiller team members have reported receiving scam messages that appear to have been sent by BW leaders. These include fake messages from Kyle Chapman, among others, and are increasingly being delivered through WhatsApp, in addition to SMS text messages.

 

Bad actors often obtain mobile phone numbers through various public websites and then connect them to a team member’s personally identifiable information (PII), including employment details from LinkedIn and other social media and networking platforms. 

New hires are especially vulnerable to these types of attacks. After starting a new role, many team members update their LinkedIn profiles or share job announcements. Bad actors actively monitor these updates and quickly target individuals—often within the first several weeks—through platforms like WhatsApp or SMS. Because new hires are still learning company processes, these messages can seem more legitimate and be harder to recognize as a scam.

 

Here is an example of a fake incoming WhatsApp message. While the message has Kyle Chapman’s picture and name, the phone number is not Kyle’s. 

Note: The question, “Are you at the office?” is a common conversation-starter by a scammer. 

What should I do if I receive a WhatsApp or SMS text message that I suspect is a scam?

  • Stop, look and think before taking any action! 
  • Consider: Is this type of messaging—whether text or WhatsApp—something you’d expect from that person? 
  • Look for other red flags, such as misspellings, grammar errors and an unexpected sense of urgency. 
  • Don’t provide confidential information, return a phone call or text back if you have any reason to suspect a scam. 
  • To verify the validity of the message, contact the sender through an alternate method, such as a BW email address, a Microsoft Teams message, a verified business or personal phone number (not the one in the text message), or in person.
  • If you determine the text message is malicious, delete it and block the phone number.

Thank you for doing your part to help keep our network and your information safe!

View Archive