Recently the DoIT has been notified of a malicious actor trying to impersonate a UMBC staffer. The phishing email has the subject line “TASK” and a chain of emails from the scammer can be seen below. The example has had the name and email address of the victim removed for privacy reasons.
From: FORGED NAME <executiveoffice76@gmail.com> Date: Thu, Aug 13, 2020 at 10:35 AM Subject: TASK To: <@umbc.edu> Hello,
Confirm your availability? Need you to handle a quick request. Get back to me as soon as you can.
Thanks. FORGED NAME |
From: FORGED NAME <executiveoffice76@gmail.com> How are you doing? Presently in a meeting. How fast can you get some cards from a nearby store? They are needed shortly. Get back to me as soon as you can Sincerely, |
From: FORGED NAME <executiveoffice76@gmail.com> Sorry for the inconvenience. |
First the malicious actor sends an email asking if the user is available to help them. Note that in the first email there is a sense of urgency as well as a lack of personalization to the recipient. These can be red flags of a phishing email.
In the second email, the scammer asks the user if they could run out to the store and get some gift cards for a meeting that the scammer is currently in. The text continues to foster a sense of urgency using words like “fast” and “quickly”.
In the last email the scammer asks the user for five one hundred dollar Steam gift cards. Steam gift cards are used on Steam, a video game digital distribution service. The scammer will ask the user to send them a copy of the codes on the back of the gift cards.
If you do receive this or a similar email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu.
How do I forward full email headers?
https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970
To read more articles published by DOIT visit: