Example 239: Are you available? Business Email Exploit/Compromise

Scammer pretends to be supervisor and asks for help

Business email exploits are a social engineering scam we see every day at the University. The scammer pretends to be a supervisor, leader, dean, VP, or even the President, and tries to engage the recipient in conversation. The scammer’s end goal is to trick the recipient into buying something, often gift cards, and sharing the gift card information with the scammer. We have been seeing these scams on campus since at least 2018. 

How to recognize the scam

  • Sense of urgency
  • Some reason the person cannot do what they are asking you themselves
  • Recently, may have COVID-19 as a topic or excuse
  • Other common subjects: Request, Hello? Favor! Help?

What to do if you receive one

  • Do not reply.
  • Forward the scam email, with headers, to [email protected]
  • Report it as spam to Google. In Gmail, click the spam button to help educate Google's filters to block similar messages in the future.
  • For more information, please see: https://it.umn.edu/manage-spam-email