With a sense of urgency, these attacks exploit trust
We want to make the University community aware of an increase in email impersonation attacks. These attacks use impersonation of someone that has a working relationship with the recipient.
What we are seeing
The following illustrates recent attacks that have been reported to email@example.com:
|From||Reggie Redbird <firstname.lastname@example.org>|
|To||Dan Taube <email@example.com>|
[This message came from an external source. If suspicious, report to firstname.lastname@example.org]
Sent from my iphone
Gift cards are the objective
In the majority of cases that we have reviewed, these email impersonation attacks are being used to request the purchase of gift cards. Once purchased by the victim, they will ask for the codes that allow them to electronically transfer the funds.
What to look out for
As illustrated above, there are two key things to look for in these recent attacks:
- The banner message that indicates that the email came from an external source
- The email address of the sender rather than the display name
However, there are more sophisticated methods that these elements might not be present. You may need to rely on your judgement pertaining to the person they are impersonating. Ask yourself whether the person you know would make such a request over email. If in doubt, call the individual making the request at their University number.
In any case, report it
Whether you know that the message is indeed illegitimate, or you need confirmation, please report the message to email@example.com and we will review it.
Subscribe to Tech Alerts
This specific attack has been published on the University's Tech Alert website at https://alerts.illinoisstate.edu/incidents/1l26fjdv5wbn. You can subscribe to updates based on the topics you are interested in.
For additional guidance, read our Staying Secure While Off Campus article which includes a section on similar social engineering attacks to this!