← Back to News List

“QUICK REQUEST” UMBC Impersonation Scam

Another Example Of A Gift Card Scam Targeting UMBC accounts

The DoIT has recently been notified of a malicious actor trying to impersonate a UMBC staffer. This scammer is sending emails with the subject line “QUICK REQUEST” and asking victims if they are available with the goal of getting gift cards from the victim. An example of an email chain is shown below with the name of the From and the email signature removed for privacy reasons.

From: FORGED NAME <.umbc@gmail.com>
Date: Aug 19, 2020, at 11:33 AM

Subject QUICK REQUEST

To :<@umbc.edu>


Available?


--

FORGED NAME



FORGED NAME<.umbc@gmail.com> wrote:

I’m in an impromptu meeting right now and that's why i'm contacting you through here. I should have called you, but phone is not allowed to be used during the meeting. I don't know when the meeting will be rounding up, And i want you to help me out on something very important  from a store around you and I will reimburse you back when I’m out of the meeting. Let me know if you can do this.

--
FORGED NAME


The scammer targets a department and tries to impersonate some senior person in that department. The scammer will send emails asking the victim if they are “available.” 


If the victim respondes, they will receive a second email asking the victim to purchase gift cards because the scammer is currently in a meeting and can’t do it themselves. Note that the second email has poor grammar and random capitalizations. This email also has a sense of urgency with the scammer claiming to be in a meeting and using words like “important” and the subject “QUICK REQUEST” all in caps.


Note that the sender’s address in both messages is <.umbc@gmail.com>. The full email from the scammer was shortened for privacy reasons. This address allows the victim to see the “umbc” and, without close examination, to assume that the message is coming from a UMBC source when in actuality it is coming from an unknown Google mail address. The email also had an email signature which was based on that of an actual UMBC staff member.


If you do receive this or any other email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu.


How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970


To read more articles published by DOIT visit: 

https://itsecurity.umbc.edu/critical/?tag=notice

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19

Tags:

Posted: August 20, 2020, 12:01 AM

Read Original Post in myUMBC