The Cybersecurity & Identity team wants to make you aware of email scams involving gift cards. Typically, university personnel receive a spoofed (i.e., email address disguised) message that appears to be from their supervisor, or some other high ranking administrator. The first email is always an attempt to start a conversation, with future replies leading to financial fraud.
These types of messages are received systemwide to different campus staff and usually targeting office staff, however, also occurs with people who are leading student clubs, organizations or other professional groups. The messages deceptively try to get targeted personnel to reply, to start the process of financial fraud through a wire transfer, or gift cards, all via email. The email does not include a link, it is trying to convince the reader they need to respond and converse via email only, not on a phone or in person.
Students, faculty and staff who receive messages like these should not respond, and should delete the email.
When messages like this come to your mailbox, asking you to do something that is abnormal, or seems like a message that you would normally not receive, always question the email and reach out to the sender (via phone call) to make sure the email is valid. Another suggestion is to read the email address of the sender very carefully. If might look like it’s coming from someone you know, but if the email is not their university email, and it involves university funds, it is likely a scam. Here are some other suggestions when considering email such as this:
- Limited message body
- Unexpected attachment
- The message To is to a bcc
- No signature
- Logo use is incorrect or out of place
Please contact the HelpDesk team at your location if you have any questions. Report suspicious email to email@example.com.