Published November 16, 2018
Scammers are targeting UB employees by sending email claiming to be real UB supervisors or high-level employees, and asking them to make purchases or complete other tasks on their behalf.
While this tactic is being used to target other institutions around the country, the names of real UB employees are being used fraudulently in the "From:" field to make the scam more convincing to recipients at UB.
Here is a recent example of one of these email exchanges--the full names of UB employees have been removed:
From: Ruth ----
Sent: Friday, November 9, 2018 1:51 PM
Could you please email me back? I need a favor.
Sent: Friday, November 9, 2018 1:57 PM
Subject: RE: Hi
Of course – how can I help?
Sent: Friday, November 9, 2018 3:10 PM
Subject: Re: Hi
Good to hear from you, hope all is well with you? I need to get three iTunes gift cards for my niece, Its her birthday but I can't do this now because I'm currently traveling. Can you get them for me from any store around you? I'll pay back next week when I get back home.
The scammer impersonates a real UB employee in the email’s “From:” field. The email exchange typically begins by asking if the recipient is in the office.
In either the same message or a follow-up message, the sender may claim to be busy in a meeting or traveling, and they cannot talk on the phone, but need the recipient to make a last-minute purchase, click a link to read an article or complete another urgent task.
The scammer typically requests that the recipient make a purchase of some sort, whether buying gift cards, paying an invoice or some other plausible purchase on their behalf.
This is a type of business email compromise scam. The FBI has more information about business email compromise scams on their website.
While these fraudulent emails can be convincing, there are often indicators that they are not legitimate..
Like other phishing attempts,to convince the victim to act quickly, without thinking critically. In this case, additional pressure on the recipient to act is applied by impersonating a supervisor or high-level employee.
If you received a similar email, do not reply. Instead, report it to UB's Information Security Office. You canon the UBIT website.