New targeted fraud email pretends to be from department chairs or other SAS faculty/staff.

We have seen a new round of malicious emails which follow a specific pattern. In these cases the malicious user creates an external account (often @gmail.com) made to look like the email address of a department chair or other SAS faculty/staff member. The attacker then sends a message from that email address to each member of the department typically asking just a simple question like “Are you available?” If you respond to the attacker they will write back claiming that they’re in a meeting, and try to engage you in a series of emails where they eventually ask you to perform some action for them. In some cases this involves purchasing gift cards or other items they say they need immediately.

These initial emails are difficult for our spam filter to catch because they are short emails and they come from a newly-created email address like (not my real address). If you receive one of these messages it may very well seem like something you might receive from a colleague. Please be careful if you receive a message that seems to match this pattern, and if you think it might be fraudulent, consult your Local Support Provider.

This is another example of very targeted email attacks we have seen on campus this year (see extortion example from October). If you have questions or concerns about these kinds of attacks, please reach out to your Local Support Provider.