Scam E-mail Spoofing Account of Scott Casper
Scammers are impersonating people to get info and money.
On Monday, 4/13/2020, DoIT was notified by several members of the UMBC community about an e-mail message impersonating Dr. Scott Casper, Dean of the College of Arts, Humanities, and Social Sciences. The messages appear to have been sent on 4/12/2020.
Investigation revealed that this message went to approximately 60 recipients. Based on the recipients, we suspect that the scammer collected email addresses and identifying information about Dr. Casper (e.g. Title, Photo, etc.) from the CAHSS website. Then the scammer selected specific departments from that website and collected more addresses. Since there are still a lot of people in the College who have not received these messages, we request that people be alert when receiving strange-looking messages through e-mail or text.
The message appeared to be from Scott E Casper <casper.umbc@gmail.com>.
This is not actually a UMBC address, since it ends in “@gmail.com”, but a quick glance might not make the distinction. At least one message had a Date field of Date: Sun, 12 Apr 2020 21:12:09 +0100. The timezone GMT+0100 is currently in Western and Central Europe and Western Africa, which is also suspicious.
The subject of the message was: Quick Request and the message itself was brief and vague:
Available?
--
Scott E. Casper
Dean
Professor, History
College of Arts, Humanities, and Social Sciences
In two reported cases in which the recipients responded, they were asked to go to a grocery store and purchase E-bay gift cards. One recipient received the request as a text message after providing a phone number. The text was sent from 585-532-5939.
We all get terse messages, especially as text messages. Be careful, however, before responding to them. Please double-check that the sender’s address actually ends in “@umbc.edu”. Note anything odd about the message headers or the message content. We are all somewhat disoriented by the current conditions and there are people who will try to take advantage of that. Please report any suspicious communications to security@umbc.edu.
Posted: April 20, 2020, 12:06 PM