Published May 14, 2020
Scammers are targeting people at UB by sending email claiming to be someone associated with UB--commonly an instructor, advisor or work supervisor--and asking them to make purchases or complete other tasks on their behalf.
While this tactic is being used to target other institutions around the country, the names of real people from UB are being used fraudulently in the "From:" field to make the scam more convincing to recipients at UB.
Here is a recent example of one of these email exchanges--the full names of UB employees have been removed:
From: Ruth ----
Sent: Friday, November 9, 2019 1:51 PM
Could you please email me back? I need a favor.
Sent: Friday, November 9, 2019 1:57 PM
Subject: RE: Hi
Of course – how can I help?
Sent: Friday, November 9, 2019 3:10 PM
Subject: Re: Hi
Good to hear from you, hope all is well with you? I need to get three iTunes gift cards for my niece, Its her birthday but I can't do this now because I'm currently traveling. Can you get them for me from any store around you? I'll pay back next week when I get back home.
The scammer impersonates a real UB employee in the email’s “From:” field. The email exchange typically begins by asking if the recipient is in the office.
In either the same message or a follow-up message, the sender may claim to be busy in a meeting or traveling, and they cannot talk on the phone, but need the recipient to make a last-minute purchase, click a link to read an article or complete another urgent task.
The scammer typically requests that the recipient make a purchase of some sort, whether buying gift cards, paying an invoice or some other plausible purchase on their behalf. They may also offer you a job, which typically requires you to give them your bank information.
This is a type of business email compromise scam. The FBI has more information about business email compromise scams on their website.
While these fraudulent emails can be convincing, there are often indicators that they are not legitimate. Like many phishing attempts, there are often glaring spelling or grammatical errors.
Like other phishing attempts, these messages rely on a sense of urgency to convince the victim to act quickly, without thinking critically. In this case, additional pressure on the recipient to act is applied by impersonating someone with whom the victim works, such as a supervisor or a teacher.
If you received a similar email, do not reply. Instead, report it to UB's Information Security Office. You can find out how to report a fraudulent email on the UBIT website.