Message from Webster IT: Recent email scams
April 27, 2020
With the shift to remote operations, there has been an increase in phishing and email scams globally. Webster University Information Technology would like to reminder all faculty, staff and students to be extremely cautious with email communications.
The latest scam distributed this week is the popular “Are you available”/Gift Card
Subject lines vary but may include “Quick request” or “URGENT.” They appear to come from a valid Webster University faculty or staff member when viewing the “From” information, however, the email address itself is not an @webster.edu address (example: email@example.com or firstname.lastname@example.org).
These scammers have used a variety of actual faculty, staff and department names in
both the “From” and email signature. The body of the message varies but may include
text such as “Are you available?” or “Please send me your cell phone number.”
When individuals reply to these emails or send their phone numbers, the scammers then engage in requests for money and/or gift cards. These emails are fraudulent emails and are not coming from any legitimate Webster constituent. Please do not reply to these messages or send any money/gift cards.
Caution Message for External Senders
As a reminder, any email that comes from outside of the @webster.edu domain is delivered with the following caution message in a banner at the top of the email that reads: “CAUTION: This email originated from outside of the organization
Do not click links or open attachments unless you recognize the sender and know the
content is safe.” These messages should serve as a good flag in determining the legitimacy
of an email sender. Please see example of this banner below.
Phishing/Scam Red Flags
In general, please be on the lookout for these red flags that often indicate a phishing/scam
- Email “From” name and/or signature not matching the “From” email address
- Requests for private or sensitive information
- Threats of account shutdown
- Promises of money and/or requests for money, gift cards and/or bank account transfers
- Spoofed links/web pages (links that appear to go to a legitimate web site but upon hovering your mouse over the link actually point to a different [and malicious] web page altogether)
- Unexpected email attachments
- Incorrect spelling, bad grammar and/or excessive capitalization
We urge you to review our previous announcements on phishing scams and how to detect them.
If you are ever unsure of the legitimacy of an email, or if you have replied to a
phish/scam, please contact the Service Desk as soon as possible for further assistance.
You can reach the Service Desk by calling 314-246-5995 or toll-free at 1-866-435-7270.
You can also reach the Service Desk via email at email@example.com.