The University is currently receiving highly targeted Spear Phishing emails known as Display Name Spoofing.
What is happening?
At least one staff member has lost a significant sum of money to this scam.
In this instance, the individual was asked to use their personal credit card to purchase the vouchers. As a reminder, it is not normal practice to ask individuals to use personal credit cards for such purchases, and individuals who buy vouchers on behalf of the University will normally have access to a University corporate credit card. Such requests should be treated as suspicious and queried with the individual making the request by contacting their University email account.
How does the Scam work?
The scammers use a free email service such as Gmail to create an account and set the display name to match that of a University Staff Member.
They use this to send a vague, plain text email usually requesting urgent assistance, and then attempt to escalate to the purchase and transfer of voucher codes.
What should you do?
If you are being asked to make or authorize a payment via email, always verify the authenticity of the sender before replying to the email, or clicking any links or attachments.
Look out for emails supposedly from a known colleague but with a free provider email address (e.g. @gmail, @yahoo etc.) rather than a University email address (@abdn). Note that by default, mobile devices may not display the full sender address.
You should also look out for the External Email warning banner, as pictured below. If this banner is present, the email did not originate from a genuine University staff member’s account.
This banner may also appear in plaintext, as below:
CAUTION: External email. Ensure this message is from a trusted source before clicking links/attachments. If you are concerned forward this email to email@example.com
If you receive such an email, do not respond to it. Instead, please report it to us by forwarding it to firstname.lastname@example.org.
If you suspect you have responded to a fraudulent email, please contact the Service Desk immediately.
To find out more about this scam type, see our news item at https://www.abdn.ac.uk/staffnet/news/14471/
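For mail administrators, the check described above (a colleague's name shown on a non-University address) can be automated against the From header. This is an added example, not code from the University: the staff names and sample messages are constructed, and the abdn.ac.uk domain is taken from the URL in this notice.

```python
import unicodedata
from email import message_from_string, policy

# Assumptions of this example: abdn.ac.uk is taken from the advisory's URL;
# the staff names and all sample messages are constructed.
UNIVERSITY_DOMAINS = {"abdn.ac.uk"}
STAFF_NAMES = ["Jane Example", "Alex Sample"]


def normalise(name):
    """Fold case and accents, drop punctuation, sort tokens ('Example, Jane' == 'Jane Example')."""
    text = unicodedata.normalize("NFKD", name)
    text = "".join(c for c in text if not unicodedata.combining(c))
    words = "".join(c if c.isalnum() else " " for c in text).casefold().split()
    return " ".join(sorted(words))


STAFF_INDEX = {normalise(n) for n in STAFF_NAMES}


def is_university(domain):
    """Exact domain or a true subdomain; 'abdn.ac.uk.freemail.example' does not count."""
    domain = domain.lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d) for d in UNIVERSITY_DOMAINS)


def spoof_suspected(raw_message):
    """True when From: shows a staff member's name on a non-University address."""
    # policy.default decodes RFC 2047 encoded display names before comparison.
    msg = message_from_string(raw_message, policy=policy.default)
    header = msg["From"]
    if header is None:
        return False
    return any(
        normalise(a.display_name) in STAFF_INDEX and not is_university(a.domain)
        for a in header.addresses
    )


SAMPLES = {  # constructed messages
    "external": "From: Jane Example <office.j.example@freemail.example>\nSubject: Urgent\n\nAre you free?",
    "encoded": "From: =?UTF-8?B?SmFuZSBFeGFtcGxl?= <je1984@freemail.example>\n\nQuick task",
    "lookalike": "From: \"Example, Jane\" <jane@abdn.ac.uk.freemail.example>\n\nhi",
    "genuine": "From: \"Example, Jane\" <j.example@abdn.ac.uk>\n\nMinutes attached",
    "unrelated": "From: Newsletter <news@lists.example>\n\nWeekly digest",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:10} spoof_suspected={spoof_suspected(raw)}")
```

A match is only a signal for review or tagging: a staff member writing from a personal account, or an external person who shares a name with a colleague, will also match.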