Have you received an e-mail ostensibly from our Provost or our President asking you to buy them some gift cards? This is a fairly common e-mail scam that uses executive impersonation or “CEO fraud” to give credibility to the attackers’ claims.
These attacks usually begin with an e-mail sent from a fraudulent external e-mail address, such as unthsc.provost@gmail.com or presidents.office@gmail.com, impersonating one of our executives, or the attack can use a valid internal e-mail account that was earlier compromised through phishing or malware. The attacker sends the initial request through e-mail asking some form of “Are you available?” “Do you have a minute?” or “Can you do something for me?”
Any response by you is then met with a story of the executive being in a meeting or somehow unavailable to perform some important task that they now would like you to handle. This task can include transferring large sums of money, cashing a check on behalf of the executive, or buying gift cards on behalf of the executive.
Many times, attackers have taken the time to gain knowledge of the institution’s organizational structure and use that knowledge to their advantage. The ultimate goal of all of these scams is to defraud you or the institution of money. Most of the time, the money given to the attacker is not retrievable.
We rely on the education of our end users to help us prevent these types of attacks. You should be vigilant not to click on links or open attachments from unknown or unexpected senders. If you think it is odd that the Provost or President would contact you personally for such a request, then that entire interaction should be suspect. Contact their office by phone or departmental e-mail if the request involves money or confidential information.
If you need help in determining if the request is legitimate, ask the abuse@unthsc.edu address, or the HSC Helpdesk, helpdesk@unthsc.edu. You can also report to either of these contact addresses if you’ve fallen victim to one of these scams.
For more tips on avoiding internet scams, identity theft and phishing, check out the Department of Homeland Security’s Stop.Think.Connect Tip Cards: Identity Theft and Internet Scams, Phishing