We have received reports of an e-mail impersonation scam, referred to as “Display name spoofing” that has been going around from a handful of fraudulent e-mail addresses spun up for the purpose of conning our users. The fraudulent e-mail addresses spun up will contain the “display name” of a real WCSU user but the e-mail address will be one the scammers created just for the scam.
Please reference the SANS poster “Don’t get Hooked!”, Phishing indicator A as well as the other indicators to lookout for, and “The Evolution of Friendly Name Spoofing” for more information on the family of related e-mail scams. We are evaluating visual warnings for external e-mails sent to our users as a potential additional indicator.
Below is a redacted example of what the impersonation messages may look like: (The scammers are phishing for victims to respond so they may keep the initial e-mail brief to reel you in.)
If you respond, you may get a response such as this:
Please do not fall for these scams. Be especially cautious when responding to e-mails from a mobile device as they may not show you the sender’s address without clicking on the “Display name” or a link to “View details”.
If you do receive a scam like this, please “Forward as Attachment” to firstname.lastname@example.org and/or notify the ITI Service Desk for assistance