← Back to News List

"Quick Response" - A UMBC Impersonation Scam

A Common Scam That Still Works

Recently DoIT has been notified that an email scammer has been trying to impersonate other UMBC staffers. The email comes from a scammer who is claiming to be someone from UMBC and has the Subject “Quick response.” An example of this phishing email can be seen below.


From: FORGED NAME <.umbc@gmail.com>

Date: Thu, Aug 20, 2020

Subject: Quick response

To: <@umbc.edu>

 

Available?

 

--

FORGED NAME


The email that is shown above is only the first email that the scammer will send to users to try and get their attention. In similar phishing emails, once the user responds  the scammers would claim that they were stuck in a meeting and ask the user if they could go to the store and buy them gift cards. 


Even though this email is short it still shows some red flags of a phishing email. 


  • The email itself is not personalized and is very vague. The reason for this is so that the scammer can send the email to as many people as possible.

  • There is a sense of urgency. Even with this email being so short, the sense of urgency comes with the subject line of “Quick response” trying to show that they need you to respond as soon as possible.

  • The From email address is suspicious. Some scammers will use addresses of the form <johnsmith.umbc@gmail.com>. Without a closer examination some might assume it is coming from a UMBC source while in actuality it is coming from an unknown Google mail address.

  • The email signature and name are meant to look legitimate. The scammer will try to base their phishing email on that of the person they are trying to impersonate. This will include an email signature meant to look like an actual UMBC staff member’s and the sender's name being that of the person they are trying to impersonate, often a supervisor. 


You can find other examples of similar scams here https://itsecurity.umbc.edu/critical/?id=94968 and https://itsecurity.umbc.edu/critical/?id=94950 or check out the DoIT Security page main page for more updated information.


If you do receive this or a similar email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu.


How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970


To read more articles published by DOIT visit: 

https://itsecurity.umbc.edu/critical/?tag=notice

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19

Tags:

Posted: August 24, 2020, 12:19 PM