Smart move. My agent sent us all a heads-up about a month ago that there was a phishing thing going on that sounded a lot like this.
Dear all

This is an unusual mid-week parish notices but a few things have cropped up that we wanted to let you know about sooner rather than later.

Firstly, we need to make you aware that JULA and some of our colleagues have experienced repeated, sophisticated, and well-researched phishing attempts. These have included emails appearing to be from a digital signature service requesting that we follow a link and individuals seeking to secure copies of manuscripts.

These attempts come in the form of deceptive emails that look and sound like the real thing, often appearing to come from known individuals (editors, agents) using domain names with a slight change of letter (e.g. “icrnpartners.com” or “penguinrandornhouse.com”).

It can be difficult to tell the difference between legitimate and illegitimate messages, so here is some useful guidance that our colleagues at ICM have put together.

If you receive an email requesting sensitive information or items (manuscripts, contracts, etc.) to be sent via email, or to follow a link to sign a document, please consider the following steps:
1. Carefully inspect the sender’s email address. Ensure the person’s name is spelled correctly and, most importantly, that the company’s domain name (which is located after the @ symbol in an email address) is spelled correctly.
2. Call the supposed sender to verify that the items/information requested in the email are legitimate.
3. Do not reply to the email. Message headers can look real but have hidden text triggered when “reply” is hit. Instead, start a separate email chain with the sender asking if they did, in fact, request that item/information from you.
4. Carefully look at the email header, which contains detailed information about the email – where it came from, who it was sent to, date, time, subject, etc.