Posted on Wednesday, September 11, 2019
Urgent: We have received reports of parishioners receiving an email and/or text from Fr. Hank requesting a "favor".
This is a scam. Please do not respond to this email and do not purchase any gift cards or offer any assistance.
The email is coming from a FAKE address (fhilton.stjosephsparish@ gmail.com or fr.hilton.loyola@ gmail.com or priest.catholic001@ gmail.com). There is a screenshot of the email below.
Do not respond. Please report any incidents of this to me at email@example.com
Emails from Fr. Hank will come only from his firstname.lastname@example.org email address. If this should ever change, the parish will be notified.
SAMPLE SCAM/PHISHING MESSAGE (do not respond to messages similar to this):
Hi, how are you doing?
I need a favor from you, email me as soon as you get this message.
Fr. Hank Hilton
Email Impersonation Scams on the Rise
(This content is provided by the Diocese of Metuchen)
Email is the primary form of communication for everyone here in our Diocese. Email provides users a quick and reliable way to communicate effectively with our clergy, staff, parishioners, friends, and family. Though email communication is essential in a digital world, it can also be dangerous. Cybercriminals are taking advantage of email-based communication by creating and delivering impersonation-based scams to our diocesan users. The diocesan Office of IT has received reports of email impersonation scams that appear to be sent from clergy and staff. The bad actors are able to produce seemingly realistic emails through the use of email spoofing.
What is Email Spoofing?
Email spoofing is the forgery of an email so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a popular tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate or familiar source.
The intention of the attacker is to trick their victims into:
Clicking on hyperlinks to take over the victim's computer and/or steal user credentials
Opening a file attachment to install ransomware or other malicious code on the victim's computer
Making money transfers, or paying fake invoices
Purchasing gift cards and transmitting the claim code on the back
A common tactic scammers use is to send emails using the display name of someone within the organization but an external email address. Some users won't notice that the email didn't come from the person named in the display name and will deal with the email as if it were genuine.
Example: Rev John Doe <email@example.com>
Other methods rely on tricking the eye by using a domain name that looks like a trusted source. Purchasing domains that are similar to the ones impersonated is a common strategy that is often used in phishing attacks.
Example: Rev John Doe <father.Joe@ParishNJ.com>
These types of attacks are especially successful when viewed on a mobile device since most phone-based email programs don't allow users to hover over links or to see the full email headers.
Recognizing an Email Impersonation Scam
From: Rev John Doe <firstname.lastname@example.org>
Date: Thursday, September 18, 2019 2:35PM
Subject: You have 1 important pending message
You have 1 important pending message from IT Service Desk.
View * <https://www.eterniaquartz.com/wp-content/DIO/login.dio_org.html>
To learn how alerts like this one help you to protect your webmail:
Check the "From" address line in the email. If you receive an email from a sender you may be familiar with, always remember to check the "From" address line to make sure that the email is coming from a legitimate source. If you are viewing the email on a smartphone and have doubts about where it originated, open the message in an email client on your computer to view the sender's full email address and domain name.
Beware of urgent language. These emails oftentimes come with a sense of urgency. Phishers, in particular, tend to use this, attempting to elicit panic in their victims. A frazzled and fearful victim can be more apt to follow instructions in the email.
Look for generic language. Scam emails often contain generic language and/or greetings that could apply to anyone receiving the message.
Avoid clicking suspicious links or downloading suspicious attachments. Cybercriminals will usually create a spoofed webpage where you will be directed to enter your credentials or bank account information. This particular attack redirected users to a fake login.dio_org webpage.
Be careful of unexpected, out of character emails. When receiving a message, ask yourself if this is normal communication from the sender by confirming that the wording and signature of the message are consistent with other emails from the same sender.
Additionally, learn how to read and understand email headers to view who the message was really sent from. An email header is a block of information about the message that includes the sender, the recipient, the date, sending and receiving time stamps and the servers that handled the transfer of the message. There is more information on understanding email headers at the following website:
https://mediatemple.net/community/products/dv/204643950/understanding-an-email-header (link to outside source)
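One way to automate the checks listed above (the "From" address against a staff directory, the sender's domain and any link domains against the organization's own domain, and lookalike domains by edit distance), as an added Python example that is not the Diocese's own tooling. The staff directory, the trusted domain and the three sample messages are constructed placeholders, not real addresses from this page:

```python
"""Defensive triage of an email's From line and body links (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Hypothetical staff directory: normalized display name -> legitimate address.
TRUSTED_SENDERS = {"john doe": "john.doe@parish.example"}
# Hypothetical domain(s) the organization actually sends mail from.
TRUSTED_DOMAINS = {"parish.example"}
# Honorifics dropped before comparing display names ("Rev John Doe" -> "john doe").
HONORIFICS = {"rev", "rev.", "fr", "fr.", "father", "msgr", "msgr."}


def normalize_name(display_name):
    """Lower-case the display name and strip honorifics and punctuation."""
    words = re.findall(r"[a-z]+\.?", display_name.lower())
    return " ".join(w.rstrip(".") for w in words if w not in HONORIFICS)


def edit_distance(a, b):
    """Levenshtein distance; small values between domain labels flag lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(address):
    """Return the lower-cased domain part of an address, or '' if it has none."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def classify_domain(domain):
    """Return 'trusted', 'lookalike' or 'external' for a sender or link domain."""
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    label = domain.split(".")[0]
    for trusted in TRUSTED_DOMAINS:
        trusted_label = trusted.split(".")[0]
        # A label within two edits of ours, or one that embeds our label
        # (parish-nj.example, parishnj.example), reads as a lookalike.
        if edit_distance(label, trusted_label) <= 2 or trusted_label in label:
            return "lookalike"
    return "external"


def triage(raw_message):
    """Apply the From-line and link checks to one message; return a list of findings."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    findings = []
    if not addr:
        findings.append("From header missing or unparseable")
    # Check 1: a known display name must come with that person's known address.
    key = normalize_name(name)
    if key in TRUSTED_SENDERS and TRUSTED_SENDERS[key] != addr.lower():
        findings.append(f"display name '{name}' but address is {addr}, "
                        f"expected {TRUSTED_SENDERS[key]}")
    # Check 2: the sending domain must be ours, not an external or lookalike one.
    sender_domain = domain_of(addr)
    verdict = classify_domain(sender_domain) if sender_domain else "external"
    if verdict != "trusted":
        findings.append(f"sender domain {sender_domain or '(none)'} is {verdict}")
    # Check 3: links in the text body must not lead outside our domain.
    text = ""
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            text += (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
    for url in re.findall(r"https?://[^\s<>\"']+", text):
        host = (urlparse(url).hostname or "").lower()
        if classify_domain(host) != "trusted":
            findings.append(f"link points outside trusted domains: {host}")
    return findings


# Constructed sample messages (placeholders, not real mail).
LEGIT = """\
From: Rev. John Doe <john.doe@parish.example>
Subject: Sunday bulletin

The bulletin is at https://parish.example/bulletin
"""
SPOOFED_DISPLAY_NAME = """\
From: Rev John Doe <rev.john.doe001@webmail.example>
Subject: favor

Hi, how are you doing? I need a favor from you, email me as soon as you get this message.
"""
LOOKALIKE_DOMAIN = """\
From: Rev John Doe <father.john@parish-nj.example>
Subject: You have 1 important pending message

View <https://quartz-shop.example/wp-content/login.html>
"""

if __name__ == "__main__":
    for label, sample in [("legit", LEGIT), ("spoofed", SPOOFED_DISPLAY_NAME),
                          ("lookalike", LOOKALIKE_DOMAIN)]:
        print(label, triage(sample) or ["no findings"])
```

The honorific stripping matters because the directory key is the person, not the title: "Rev John Doe", "Fr. John Doe" and "John Doe" all resolve to the same entry, so a scammer cannot dodge the check by varying the title. The substring test in classify_domain is deliberately broad; in practice you would tune it against your own mail flow and treat "lookalike" as a reason to review, not an automatic block.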
Thank you for your cooperation.
Diocese of Metuchen Help Desk, Office of Information Systems
732-562-1990 x1530 | email@example.com