Secretary of State Brad Raffensperger is warning Georgians about a phishing scam related to corporate registration. Individuals posing as the Secretary of State’s office have sent emails to unsuspecting Georgians with suspicious attachments likely containing viruses or other malicious software.

“Protecting Georgia businesses is my top priority as Secretary of State,” said Raffensperger. “Scammers have been targeting well-meaning Georgians with malicious emails, falsely representing themselves as coming from my office in an effort to deceive and mislead. Georgians should watch out for these scams and report them to my office as soon as they see them.”

The Secretary of State’s Corporations Division has received several complaints of emails pretending to be from the “Secretary of State” that tell the recipient that their “Annual Registration … has been successfully processed by the Georgia Secretary of State’s office.” The email then continues that “The filed Annual Registration is attached to this email.” The emails include two .zip file attachments with “ann-reg” in the title, intending to trick the recipients into opening them up.

Though the sender is listed as “Secretary of State,” the email comes from the @mooney.fr domain. Official email contact from the Secretary of State’s office will come from @sos.ga.gov, the domain name of the Secretary of State’s office. The phishing email has been sent to the Department of Homeland Security for further evaluation and tracking.

In several cases, some of the recipients did not have a business registered in Georgia or had not yet renewed their annual registrations. Georgians who receive unexpected emails like this should be sure to check with the Secretary of State’s Corporations Division before taking any action. For tips on how to avoid falling victim to a phishing attack, visit the FTC Consumer Information page.

Georgians who receive unsolicited or unexpected emails from government entities should check to make sure the sender is an official government agent. Any suspicious emails should be reported to the relevant agency and authenticated before any action is taken, especially opening attachments or sending money.