BEC Phishing Attempt (05/07/2019) - Are you Available? 

What is Phishing?

Phishing (pronounced "fishing") is probably the most common form of social engineering we see at the University. Phishing is a kind of identity theft that is growing in popularity amongst hackers. Phishing emails typically claim that something will happen to your account if you don't act now, and usually ask you to click a link to a page that requests your username and password, and sometimes more. Phishing uses email or social skills (social networking) to trick you into providing personal or financial information, most commonly passwords and credit card numbers, so that the attacker can gain access to your accounts and steal more data or money. Using fraudulent websites and false emails, perpetrators attempt to steal as much information as you are willing to give them.

To learn more about phishing attacks, and how to protect yourself from them, please visit our phishing information page.

Attempt Information

From: [University email address name]. The user name and domain are spoofed, but if you look closely you will see that the message is coming from a different domain: the sender’s actual address does not match our organization.

Date: Tue, 7 May 2019 08:53:10 -0700 (PDT)

Subject: Are you Available? 

To: [Your email address]


  • This type of Business Email Compromise (BEC), also known as a man-in-the-email scam, uses social engineering to trick and defraud employees and executives in a company. The scammers impersonate higher-level management in order to get the victim to make wire transfers, give out credit card information, write a check, or even purchase gift cards. To learn more about this type of social engineering, please check out these articles: article 1 and article 2.
  • If the user responds to this message, the user has now been "phished" by the hacker and is likely to be victimized further. Even though this message is simple and usually does not carry any malicious attachments, it uses social engineering to get a response from the recipient. Once the user interacts with this type of scam, the hacker, still pretending to be the sender the user knows, will make up an excuse such as being in a meeting and ask the user to do an "important" task that they know the user can do, making it sound important and rushed. One example of a requested favor is that the hacker has the user purchase iTunes gift cards, scratch off the back to reveal the codes, and send back a picture of the cards and codes.
  • Always validate and check the actual address the email is coming from. Many times hackers/scammers will use a similar name, or try to add “.weber.edu@” to the address to trick you.
  • Another clue, and an important item to look for, is what comes after the “@” symbol – this is the domain part. Domains such as @yahoo.com, @aol.com, @gmail.com, @my.com or @hotmail.com are NOT university email domains, and you should be very careful and exercise caution with this type of email. NEVER RESPOND TO A PHISHING EMAIL. Just mark it as phishing and then delete it.
  • If you are using a cell phone, the sender’s full email address is sometimes not displayed automatically. You can check the full address by clicking the “Details” link of the message, which is usually located at the top of the email with the sender, recipient, and date information. Although all mobile apps and devices are different, there should be a way for you to confirm the sender. If you are not sure, call the sender you know in your organization and verbally validate the message. Put a validation process in place in your division to avoid this type of scam.
  • Our Information Security Office and/or Service Desk is available to assist you if you have questions or concerns about any email you receive. Contact the Service Desk at (801) 626-7777 or forward the email to csupport@weber.edu, or contact Security@weber.edu at (801) 626-6982.
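As an added example (not part of the university's advisory), the sender checks described above applied programmatically: a small Python triage that parses a From: header and flags a non-university domain, the free-mail domains listed above, the “.weber.edu@” trick in the local part, and a display name that claims the university while the real address does not. The org domain weber.edu is taken from the contact addresses on this page; the sample message, its display name and its addresses are constructed.

```python
import email
from email.utils import parseaddr

# Org domain taken from this page's contact addresses; adjust for your org.
ORG_DOMAIN = "weber.edu"
# Free-mail domains the advisory lists as NOT university email domains.
FREEMAIL_DOMAINS = {"yahoo.com", "aol.com", "gmail.com", "my.com", "hotmail.com"}


def check_from_header(from_value: str) -> list[str]:
    """Return warning flags for one From: header value (empty list = looks internal)."""
    display, addr = parseaddr(from_value)
    if "@" not in addr:
        return ["unparseable-address"]
    local, domain = addr.rsplit("@", 1)
    domain = domain.lower()
    flags = []
    is_org = domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)
    if not is_org:
        flags.append("external-domain:" + domain)
        if domain in FREEMAIL_DOMAINS:
            flags.append("freemail-domain")
        # Display name carries the org domain while the real address does not.
        if ORG_DOMAIN in display.lower():
            flags.append("display-name-claims-org")
    # The ".weber.edu@" trick: the org domain is placed before the "@", so a
    # quick glance sees "weber.edu" although the real domain follows the "@".
    if ORG_DOMAIN in local.lower():
        flags.append("org-domain-in-local-part")
    return flags


def triage_message(raw_message: str) -> dict:
    """Parse a raw RFC 822 message and report sender flags plus a verdict."""
    msg = email.message_from_string(raw_message)
    flags = check_from_header(msg.get("From", ""))
    verdict = "suspicious-report-as-phishing" if flags else "sender-looks-internal"
    return {"subject": msg.get("Subject", ""), "flags": flags, "verdict": verdict}


# Constructed sample modelled on the advisory's headers; not a real message.
SAMPLE_BEC = """\
From: "Jane Dean" <jane.dean.weber.edu@gmail.com>
Date: Tue, 7 May 2019 08:53:10 -0700 (PDT)
Subject: Are you Available?
To: staff@weber.edu

Are you available? I am in a meeting and need a quick favor.
"""

if __name__ == "__main__":
    print(triage_message(SAMPLE_BEC))
```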