We wanted to send a reminder about these kinds of scams - since I've started getting reports of them again. This is both a reminder for those who have been here a while, as well as an initial notice for our new faculty and staff.
Since our department directory is public, scammers will sometimes try to trick recipients by creating an email account (on a free email service like Gmail, Outlook, or Yahoo) with the same name - but a different email address - as a person in a position of authority here. The impersonations are typically of a department chair or director, a dean, a vice-president, or even the president.
I'm including an example of one of these which was received today, though with the name of the recipient, as well as the person they are impersonating, redacted. Though this message impersonates someone in the Art Department, we've seen messages like this impersonating almost every department on-campus through the past few years.
More details on how to recognize these scams are after the screenshot.
How to recognize these scams
These are some of the common red flags for these scams.
- The sender's email address is external: The quickest way to spot one of these is to notice a message from someone purporting to be your department/division/school head, but with an external email address - almost always a gmail.com address.
- Extremely short messages: Even if you don't notice the sender's address, the initial messages are almost always short. They always ask short questions like "Are you available" or something similar.
- Sense of urgency: There will almost always be cues of urgency. The sender may claim they are busy (due to a meeting, a flight, or other contrived situations) and need help with something.
- Asking for cell to text: After a few messages, they will usually ask for your cell phone number so they can text you.
- Asking to buy gift cards: After one or more messages, they will ask you to do them a favor. Typically, they will ask to buy gift cards (with some contrived story about being too busy, in a meeting, travelling, etc. - and forgetting a birthday, anniversary, etc.), with a promise of repayment.
I've sent these kinds of announcements before - but there has been an up-tick in the last week. These messages are virtually impossible to block without causing an increase in legitimate messages being marked as spam. What I wanted to give in addition is an example of how these messages can continue after the initial response.
- In this example, the scammers impersonated a department head. They used a completely unrelated Gmail address, but with the name of the department head they were impersonating as the name on the address.
- Their first message just had the subject "Are you available at the moment?" with no message body.
- The recipient responded with "Yes"
- The criminals then sent a reply of: "Can you please help me on something right now?"
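The name/address mismatch and the short-message red flags described above can be checked mechanically. The following is an added example, not part of the original notice: it tags a message for a warning rather than blocking it, since blocking causes false positives. The campus domain `example.edu`, the directory entry, and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions (constructed for this example, not from the notice).
CAMPUS_DOMAIN = "example.edu"
DIRECTORY = {"pat example": "Chair, Art Department"}  # normalized name -> title
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com"}
SHORT_BODY_CHARS = 80

def normalize(name):
    """Lower-case, strip punctuation, and reorder 'Last, First' to 'first last'."""
    if "," in name:
        last, first = name.split(",", 1)
        name = f"{first} {last}"
    cleaned = "".join(c if c.isalnum() else " " for c in name.lower())
    return " ".join(cleaned.split())

def red_flags(raw_message):
    """Return the red flags from the notice that this raw message matches."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    internal = domain == CAMPUS_DOMAIN or domain.endswith("." + CAMPUS_DOMAIN)
    flags = []
    if normalize(display) in DIRECTORY and not internal:
        flags.append("directory name with external address")
        if domain in FREE_MAIL:
            flags.append("free email service")
    body = "" if msg.is_multipart() else msg.get_payload()
    if len(body.strip()) <= SHORT_BODY_CHARS:
        flags.append("very short or empty body")
    return flags

def should_tag(raw_message):
    """Tag (not block) only on the name/address mismatch; short mail alone is normal."""
    return "directory name with external address" in red_flags(raw_message)

# Constructed sample messages.
SCAM = ("From: Pat Example <office.chair77@gmail.com>\n"
        "Subject: Are you available at the moment?\n\n")
SCAM_COMMA = 'From: "Example, Pat" <pe.desk@yahoo.com>\nSubject: Quick favor\n\nAre you available?\n'
GENUINE = "From: Pat Example <pexample@example.edu>\nSubject: Meeting\n\nAre you free at 3?\n"
VENDOR = ("From: Sam Vendor <sam.vendor@gmail.com>\nSubject: Quote\n\n"
          "Hello, following up on the quote for the printing order we discussed "
          "last week. The updated pricing sheet is attached.\n")

if __name__ == "__main__":
    for label, raw in [("scam", SCAM), ("genuine", GENUINE), ("vendor", VENDOR)]:
        print(label, should_tag(raw), red_flags(raw))
```

A short body on its own is not treated as suspicious, because legitimate internal mail is often short; it only adds weight once the sender name matches the directory from an off-campus address.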
If you receive a message that purports to be from your supervisor or department head that seems suspicious - try to get in touch with them in-person, or via a phone call if you're uncertain.
See the articles at the links below for more information on this:
Chronicle of Higher Education: https://www.chronicle.com/article/phishing-scheme-targets-professors-desire-to-please-their-deans-all-for-500-in-gift-cards/
Federal Trade Commission: https://consumer.ftc.gov/consumer-alerts/2021/09/your-boss-isnt-emailing-you-about-gift-card