Our community recently reported a spate of phishing scams imitating University leadership—including President Dennis Assanis—and demanding everything from wire transfers to large numbers of iTunes gift cards.
BEC (business email compromise, aka “CEO fraud”) scams are targeted at specific audiences within an organization. They’re a form of spear phishing—the scammers research their targets to learn more about the organization, its employees, and its practices. In a BEC scam, the attacker will impersonate a well-known leader within an organization, such as a university’s president, in order to convince the recipients to transfer money or personal information. They try to exploit the visibility of leaders and business partners, our innate desire to help others (especially our bosses), and our fear of disappointment or reprisal if we don’t cooperate.
Recent trends in BEC scams include:
- a more conversational approach, asking a basic, response-provoking question like “are you there?” The scammer hopes to lure victims into a conversation, building trust so the demand is likelier to succeed.
- claims that the executive is in a meeting or away on a trip and cannot be reached to discuss the demand further.
- requests for gift cards or wire transfers for the executive to present to business partners or prospects.
- requests for large files of employee information (such as copies of W-2s) due to an “emergency.”
Several watchful community members have already thwarted fraudulent wire transfer and employee information scams this year alone! After receiving suspicious emails, our colleagues alerted IT Security by forwarding those phish to firstname.lastname@example.org. Working together, we revealed these messages as attacks on our University and helped to warn others of the danger.
If you receive a suspicious request and aren’t sure what to do, try these tips:
- Question unusual requests. Does the alleged sender ever ask for files containing large amounts of employee information? Is there any real reason to provide such a file (especially in email)?
- Be wary of requests that violate policy (for example, a request for a wire transfer that skips the normal authorization procedures, or a request that any step be kept quiet until it is done).
- Watch out for business requests from unofficial email addresses. Many BEC scams are sent from consumer email accounts (such as Gmail or Yahoo) rather than official ones (udel.edu). Look at the actual address behind the display name: a scammer can put a leader's name on any account, and a Reply-To that points somewhere other than the sender's address is another warning sign.
- If you aren't sure, ask. Contact the alleged sender separately to verify the request, using a phone number or email address you already know, not by replying to the suspicious message.
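The checks in the tips above can be applied mechanically to a message's headers and body before a person ever reads it. The following is an added example written for this page, not code from UD IT or from any mail product: it parses a raw message with Python's standard `email` library and reports the display-name-versus-address mismatch, consumer sender domain, Reply-To mismatch, and the request wording the article describes. The organization domain, the leadership name list, the consumer-domain list, the keyword patterns, and the two sample messages are all assumptions constructed for the example.

```python
"""Heuristic triage of a raw RFC 5322 message for business email compromise signs.

Added example for this article; the constants below are assumptions, not
values taken from any real system.
"""
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumed for illustration: the organization's mail domain and the leadership
# display names most likely to be impersonated.
ORG_DOMAIN = "udel.edu"
LEADERSHIP = {"dennis assanis"}
# Assumed list of consumer mailbox domains often used by BEC scammers.
CONSUMER_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com", "aol.com"}
# Wording the article lists as typical of BEC demands (patterns assumed).
REQUEST_PATTERNS = [
    (r"\bgift\s*cards?\b", "gift card request"),
    (r"\bwire\s+transfer\b", "wire transfer request"),
    (r"\bw-?2s?\b", "W-2 / employee data request"),
    (r"\bare you (there|available)\b", "conversation opener"),
    (r"\b(in a meeting|on a trip|cannot be reached)\b", "unreachable pretext"),
]


def _domain(addr):
    """Return the lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def triage(raw):
    """Return the list of reasons a message looks like BEC (empty list = no signs found)."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    from_domain = _domain(addr)
    reasons = []

    # A leader's display name on an address outside the organization.
    if name.strip().lower() in LEADERSHIP and from_domain != ORG_DOMAIN:
        reasons.append(f"display name '{name}' used with non-{ORG_DOMAIN} address {addr}")

    # Sent from a consumer mailbox instead of the official domain.
    if from_domain in CONSUMER_DOMAINS:
        reasons.append(f"sent from consumer mailbox domain {from_domain}")

    # Crude lookalike check: the org name appears inside a different domain.
    org_label = ORG_DOMAIN.split(".")[0]
    if from_domain != ORG_DOMAIN and org_label in from_domain:
        reasons.append(f"lookalike domain {from_domain}")

    # Replies steered to a different address than the apparent sender.
    _, reply_addr = parseaddr(str(msg.get("Reply-To", "")))
    if reply_addr and _domain(reply_addr) != from_domain:
        reasons.append(f"Reply-To {reply_addr} differs from From domain {from_domain}")

    # Scan subject and plain-text body for the request wording.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    haystack = (str(msg.get("Subject", "")) + "\n" + text).lower()
    for pattern, label in REQUEST_PATTERNS:
        if re.search(pattern, haystack):
            reasons.append(label)
    return reasons


# Constructed sample messages for the example (not real mail).
SAMPLE_BEC = """\
From: Dennis Assanis <dennis.assanis.office@gmail.com>
Reply-To: exec.assist.2019@yahoo.com
To: staff@udel.edu
Subject: Are you there?
Content-Type: text/plain; charset="utf-8"

I am in a meeting and cannot be reached by phone. I need you to pick up
six iTunes gift cards for a business partner today. Send me the codes.
"""

SAMPLE_LEGIT = """\
From: Dennis Assanis <assanis@udel.edu>
To: staff@udel.edu
Subject: Thank you
Content-Type: text/plain; charset="utf-8"

Thanks to everyone who attended the town hall this week.
"""

if __name__ == "__main__":
    for label, sample in (("BEC sample", SAMPLE_BEC), ("legitimate sample", SAMPLE_LEGIT)):
        print(label, "->", triage(sample) or "no signs found")
```

Run as a script, the constructed BEC sample produces six reasons (leader name on a Gmail address, consumer domain, Reply-To mismatch, gift card request, conversation opener, unreachable pretext) and the legitimate sample produces none. Heuristics like these are a triage aid for a mail gateway or a help desk queue, not a substitute for verifying the request out of band: a compromised udel.edu mailbox would pass every sender check above, so the wording checks and the phone call still matter.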
Stay alert and exercise caution. If you receive a suspicious email, spread the word! Help alert our community by forwarding potential phish to email@example.com.