Phishing reminder

Categories: Security

Spear Phishing

We’ve been noticing more questions recently about suspicious emails that look like phishing. These days most of what we see are “spear phishing” campaigns. “Spear phishing” is just a way of saying the phishing is targeted. Attackers study our public website to learn our organizational structure and identify the people in authority. Then they send an email pretending to be that person, from a free webmail account they created that has nothing to do with Augsburg or Luther Seminary.

These campaigns rely on a sense of urgency: a person of authority needs your help right now. Both the borrowed name and the urgency are lures, and the end goal is to get money from you.

Here’s a recent example:

Hello, Are you available?

Notice the carefully crafted signature, which makes the message appear to come from Provost Kaivola. But also notice the actual sender address: kaivola@my.com. That is not an institutional email address. A familiar name paired with an unfamiliar, non-institutional address should be a red flag, because the display name on a message can say anything the sender wants it to.

The best course of action is to mark the message as spam, so Google is more likely to block future copies. Because these messages have become so common, most of them are now blocked before they reach you, but some will still get through.

If you do reply, they will write back saying they are in a meeting and need your help with something important (the sense of urgency again).

I'm in a meeting right now and I need your help with something important. Can you? I will be waiting for your feedback

If you reply again, they will ask you to buy a gift card from an online store (we’ve seen iTunes and Steam recently) and promise to reimburse you. Again they will say it is urgent. This is a script we’ve seen over and over in these spear phishing campaigns.

I need the you to help me get a steam card from the store right now, I will surely REIMBURSE you back today once I'm done with meeting. I don't know when re meeting will be rounding up. So I need your help urgently. If you can help out I will love to get your feedback.

What should you do?

  1. If it seems fishy or odd, it is likely a scam. Mark it as spam so Google will be more likely to block it.
  2. If you’re truly not sure, contact the person directly by phone or at their institutional email address to confirm. Do not reply to the suspicious message, and do not use any phone number or address the suspicious message itself provides.
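The two checks above (does the display name borrow a known leader's name while the address sits outside our domains, and does the wording follow the "are you available / in a meeting / gift card" script) can be automated for a mailbox or a mail gateway. The following is an added example, not a tool from the original post: the institutional domains, the leadership name list and both sample messages are constructed assumptions, and the phrase list is taken from the script described above.

```python
"""Flag display-name impersonation and gift-card urgency in a message.

Added example; not the post's own tooling. The institutional domains,
the leadership name list and both sample messages are constructed.
"""
import email
from email import policy
from email.utils import parseaddr

# Assumed institutional domains; replace with the real ones.
INSTITUTIONAL_DOMAINS = {"augsburg.edu", "luthersem.edu"}

# Assumed surnames attackers are likely to borrow, mapped to their title.
LEADERSHIP = {"kaivola": "Provost"}

# Phrases from the scam script described in the post.
URGENCY_PHRASES = (
    "are you available",
    "in a meeting",
    "urgent",
    "gift card",
    "steam card",
    "itunes",
    "reimburse",
)


def _domain(address: str) -> str:
    """Return the lowercased domain part of an address ('' if none)."""
    return address.rpartition("@")[2].lower()


def analyze_message(raw: str) -> dict:
    """Parse a raw RFC 5322 message and return the indicators found."""
    msg = email.message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(addr)
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body is not None else ""

    # Display name says "Kaivola", address says my.com: the post's red flag.
    tokens = set(display.lower().replace(",", " ").split())
    impersonated = [name for name in LEADERSHIP if name in tokens]
    external = from_domain not in INSTITUTIONAL_DOMAINS

    findings = []
    if impersonated and external:
        who = impersonated[0]
        findings.append(
            f"display name matches {LEADERSHIP[who]} {who.title()} "
            f"but sender domain {from_domain!r} is not institutional"
        )
    # Replies silently redirected to a third address are another tell.
    if reply_to and _domain(reply_to) != from_domain:
        findings.append(f"Reply-To {reply_to} differs from sender domain")
    hits = [p for p in URGENCY_PHRASES if p in text]
    if hits:
        findings.append("urgency/gift-card wording: " + ", ".join(hits))

    return {
        "from_display": display,
        "from_address": addr,
        "external_sender": external,
        "impersonated": impersonated,
        "urgency_hits": hits,
        "findings": findings,
        "suspicious": bool(findings),
    }


# Constructed sample modelled on the first message quoted in the post.
SAMPLE_PHISH = """\
From: Kaivola <kaivola@my.com>
To: staff@augsburg.edu
Subject: Hello

Hello, Are you available?
"""

# Constructed benign message from the assumed institutional domain.
SAMPLE_LEGIT = """\
From: Kaivola <kaivola@augsburg.edu>
To: staff@augsburg.edu
Subject: Agenda

Could you send me the agenda for Thursday? Thanks.
"""

if __name__ == "__main__":
    for sample in (SAMPLE_PHISH, SAMPLE_LEGIT):
        result = analyze_message(sample)
        print(result["from_address"], "->", result["findings"] or "no indicators")
```

The name match is deliberately loose (any surname from the list anywhere in the display name), because the attacker controls the display name and may write it as "Kaivola", "Provost Kaivola" or "Kaivola, Provost". The domain check is strict: a message that claims a leader's name but arrives from outside the listed domains is flagged even when it contains none of the urgency wording, since that combination alone is the red flag the post describes.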