Comment: added onedrive to BEC section

...

Type

What does it look like?

What is it trying to do?

“CEO Fraud”

The scammer pretends to be your boss or a VP or other high-ranking individual. 

---

The first email may not include any links or attachments. It will just say “I need a favor” or “are you at your desk?” 

---

It will likely include a statement about the sender being unavailable, such as “I’m in a very important meeting” or “I’m about to board a plane.” 

You are more likely to respond quickly and without much scrutiny when the name is one you know and belongs to a person in a position of authority. 

--- 

They are trying to engage you. After a reply or two, they will ask you to perform an action for them: buy gift cards, initiate a wire transfer, or forward sensitive documents (W-2s, health records, etc.). 

---

They want to discourage you from double-checking the request via phone call. 

Business Email Compromise (BEC)

Likely will appear to come from an acquaintance or non-Geneseo colleague.

---

Often has a subject like “____ would like to share a document with you.” 

---

May look like a legitimate OneDrive, Dropbox, Google Drive, or DocuSign email, or may have a PDF attachment.

You are more likely to trust an email from a familiar name.

---

The sender may be someone you have exchanged documents with in the past, and the scammer is trying to exploit that relationship.

---

The shared document or PDF will usually contain a link to a website asking you to log in to view the document. This website is designed to steal your password. 

IT Spoof

The scammer will pretend to represent CIT, Google, or Microsoft Support. 

---

They will use words like “urgent,” “alert,” or “compromise” to get your attention.

--- 

It will likely make reference to your email account or voicemail box.

You are less likely to question technology-focused requests coming from IT support.

---

They want you to panic and act quickly. They want you to comply with their request without taking the time to double-check the email. 

---

They will say that your mailbox is almost full, that your password was in a recent data leak, or that you need an upgrade. They make statements that are often difficult to verify without help from IT. 

...