Be on alert for fraudulent emails that request wire transfer payments. These emails are implied to come from persons of authority (Deans, Directors, VPs, etc.).
Below are two examples of fraudulent messages:
The email address “appeared” to come from firstname.lastname@example.org, when in fact it was from ceo1234[at]mail.com. If the respondent clicks “reply,” the recipient of the message changes to “ceo1234[at]mail.com.”
From: <UBC Director Email Address>
I need to sort out a payment today. What details do I need to send to you to arrange a same day wire transfer for amount $41,310.06.
<UBC Director’s name>
Sent from my iPad
The Dean’s name was used as the display name, but the associated email address was ceoprivate54[at]gmail.com:
From: <UBC Dean Email Address>
Hello <UBC recipient’s first name>,
Hope your day is going well. I will need you to make a wire transfer for me today.
What would you need to get it done?
<UBC Dean’s name>
Actions to Take
Keep an eye out for unusual requests originating from non-UBC email accounts and ensure that all documentation has been thoroughly reviewed and verified prior to processing the item for payment.
Speak with your supervisor and clarify the steps and any safeguards on how he/she might ask you to perform such actions via email to ensure the request is authentic.
Please see the alert below from FS-ISAC (Financial Services sector) for the types of attempted fraud that we’re seeing against UBC.
If you receive a suspicious email, please contact email@example.com.