← Back to News List

“TASK” UMBC Impersonation Scam

An E-mail Exchange With A Scammer

Recently the DoIT has been notified of a malicious actor trying to impersonate a UMBC staffer. The phishing email has the subject line “TASK” and a chain of emails from the scammer can be seen below. The example has had the name and email address of the victim removed for privacy reasons.

From: FORGED NAME  <executiveoffice76@gmail.com>

Date: Thu, Aug 13, 2020 at 10:35 AM

Subject: TASK

To: <@umbc.edu>


Hello,

 

Confirm your availability? Need you to handle a quick request. Get back to me as soon as you can.

 

Thanks.

FORGED NAME


From: FORGED NAME  <executiveoffice76@gmail.com>

How are you doing? Presently in a meeting. How fast can you get some cards from a nearby store? They are needed shortly. Get back to me as soon as you can


Sincerely,


From: FORGED NAME  <executiveoffice76@gmail.com>

Need steam gift cards 5 of them in 100$ denominations. Make sure you keep the receipt for proper documentation and reimbursement purposes.  When you get them scratch off the code panel, then take clear pictures of them and attach them here.


Sorry for the inconvenience.


First the malicious actor sends an email asking if the user is available to help them. Note that in the first email there is a  sense of urgency as well as a lack of personalization to the recipient. These can be red flags of a phishing email.


In the second email, the scammer asks the user if they could run out to the store and get some gift cards for a meeting that the scammer is currently in. The text continues to foster a sense of urgency using words like “fast” and “quickly”.


In the  last email the scammer asks the user for five one hundred dollar Steam gift cards. Steam gift cards are used on Steam, a video game digital distribution service. The scammer will ask the user to send them a copy of the codes on the back of the gift cards.

If you do receive this or a similar email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu.


How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970


To read more articles published by DOIT visit: 

https://itsecurity.umbc.edu/critical/?tag=notice

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19

Tags:

Posted: August 18, 2020, 6:00 PM

Read Original Post in myUMBC