Dear Colleagues,
We have seen an increase in the number of spoofed emails, a form of phishing/spam email.
Email spoofing is the forgery of an email so that the message appears to have originated from someone or somewhere other than the actual source.
The goal here is to have the employee (You) assist the supervisor purchase some gift cards. The email is structured in a sense that indicates the supervisor is not available, there is a certain sense of urgency and validity, and it is sent from a mobile device.
There are also other clues within the email. Even though the name of the supervisor is correct, the email address is not and is not part of the organization. Scratching the back of the card to get the code doesn't make sense, especially if you are planning to give it to your clients, customers, etc.
The best thing to do with these types of phishing emails is simply to call/text your supervisor's known cell phone number and confirm before making a purchase.
Below are real spoofing emails with clues that they are phishing emails highlighted in red.
Examples of spoofed emails
From: Supervisor <presidentceo02@twc.com>
Sent: Thursday, February 14, 2019 8:43 AM
To: Employee
Subject: OFFICE REQUEST/GIFT CARD PURCHASE
XXXX,
Are you available? I would like to know if you can help in making purchase for Google Play gift cards at the store,Let me know if its possible,
Pls, I'm occupied at the moment but will lookout for your reply.
Thanks
Sent from my Mobile Device
From: Supervisor <presidentceo02@twc.com>
Sent: Thursday, February 14, 2019 9:12 AM
To: Employee
Subject: RE: OFFICE REQUEST/GIFT CARD PURCHASE
I need you to pick up 3 Google Play Gift Card in $500 increment each. Its alright if you can purchase the gift cards from Walmart or any Stores around. Once you have been able to get them from the store, scratch-off the back code and then attach pictures of each cards and email them back to me with the purchase receipt. Email me back when you are on your way to the store
Thanks
Sent from my Mobile Device
If you receive a suspected phishing email, please contact the IT help desk via the ANR portal and inform only via a ticket, don't forward the email.
Tolgay Kizilelma
Chief Information Security Officer
IT Infrastructure and Support