Beware of the “Are you available?” Email Scam

Apr. 24, 2019

Beware of the “Are you available?” Email Scam

Webster Information Technology is seeing an increased number of reports from people who have been receiving an email from someone impersonating a Webster co-worker, supervisor or executive.

These emails often come with a subject line of “Urgent” or something similar and try to engage the recipient into a conversation by asking if they are available.

Because these emails are very simple and do not contain malicious attachments or links, they can often fool advanced phishing detection systems in place.

Further, even though the display name appears to be coming from a Webster recipient, if you pay close attention to the return email address you will notice it does not come from an @webster.edu address. Instead, these emails can come from a variety of third party email providers/domains.

The purpose of these scams is to manipulate the recipients into replying by pretending to be someone they know. Once an individual replies, the impersonator asks for a favor (either via email or requests your cell phone number to text you) and claims urgency. The “favor” is typically a request to send a gift card such as iTunes or Amazon.

This is an example of what these scam emails may look like:

email

Avoid Becoming a Victim of Email Scams

Please be extremely cautious in your daily email communications. You are your best defense in becoming a victim of an email scam. Always be on the lookout for these red flags that often indicate a phishing/scam message:

  • Email “From” name (also referred to as Display Name) and/or signature not matching the “From” email address. Always look at what comes after the @ symbol in an email address. That is what indicates the domain/provider of the email address. Anything that does not come from an @webster.edu address is not within the Webster domain and extra caution should be exercised. Scammers will often use a similar or identical username (the portion before the @ symbol) to try to trick recipients, but the full email address does not end in @webster.edu.  Do not reply to these emails.
  • Promises of money and/or requests for money, gift cards and/or bank account transfers
  • Requests for private or sensitive information
  • Incorrect spelling, bad grammar and/or excessive capitalization
  • Threats of account shutdown
  • Unexpected email attachments
  • Spoofed links/web pages (links that appear to go to a legitimate web site but upon hovering your mouse over the link actually point to a different [and malicious] web page altogether

If you are ever unsure of the legitimacy of an email or wish to report an email scam, please contact the IT Service Desk for further assistance. You can reach the Service Desk by calling 314-246-5995 or toll-free at 1-866-435-7270 or via email at support@webster.edu.

tags:  employee news, extended campus, faculty, webster life, webster today,