Category Archives: Scam

Gift Card Scam Still Prevalent

If you receive an email from your supervisor, department chair, dean, the Athletic Director, or the University President that contains some variation of ‘Are you on campus?’ or ‘Are you available?’ please double check the sending address as it is likely NOT from a Baylor.edu address – it may contain the real name of the people that hold those positions before the @ symbol, but after the @ symbol will be either a free email address provider or some other random company/domain. Something like the examples below:

Random email domain:

Using the person’s name before the @ symbol at a free email provider:

These scammers will NOT allow you to communicate with them by any other method other than email, using excuses like they are in a meeting that they do not know when it will be wrapping up & that phone use is not allowed in the meeting. The ultimate goal is to get you to meet their request by sending the codes off the back of gift cards (usually Steam, Google Play, Amazon, etc.) so that they get the funds from those cards immediately after you send the email.

If you receive one of this scam emails, please forward it to abuse at baylor dot edu so that we may block that address from sending to or receiving email from Baylor email addresses.

Tutor Over-Payment Scam

In this scam you get an unsolicited email asking you to either tutor this person’s child or relative, many times the people claim to be from overseas so they cannot meet you in person. If you engage they will eventually begin the money fraud by sending you a check for over the agreed upon amount & asking you to return a portion – this check is fraudulent & the funds do not exist so when you return the money it is removed from your balance & you are out the funds. Please forward any emails that look like the 2 examples below to abuse at Baylor dot edu. My favorite part about the first example below is that the scammer forgot to add in the name of the University & Department so it just stays as generic information – a dead giveaway that the email is fake. The second example below does a better job of being more specific to the person it was sent to by including the University & Department name.

Gift Card Scam

If you receive an email that appears to be from someone in leadership (President, VP, Dean, Chair, Athletic Director, etc) that is asking if you are available or on campus to complete a task, please over analyze the email address (not just the display name that shows up in your email program). It is likely that this is a scam email that will ask you to purchase hundreds of dollars of gift cards (usually iTunes or Google Play, but there have been others requested as well) & then to send the codes on the backs of the cards to the scammers. They will claim that they cannot talk on the phone due to the meeting & that they need the cards immediately to give to an important donor, award winner, alumni, etc. Gift card purchases are usually non-refundable so even if the scammer doesn’t get the money from the cards, it is unlikely that you will be reimbursed if you purchase them. Please forward any emails you receive that appear to be part of this scam to abuse at Baylor dot edu.

Below is an example of this scam’s initial or secondary contact before they actually tell you what the task is, notice how poor the grammar tends to be in the scam emails – we all make mistakes in our writing, but phishing & scam emails are usually much worse. Also notice that the sending email address, although it has Baylor & edu in it, they are before the @ symbol & this scam email is actually coming from a Gmail address (another popular example is to use a hyphen, like Bruiser-Bear@outlook.com).

 

 

 

 

 

Here is the text when they ask for the gift cards, it isn’t always exactly like this but the general message is always similar to what is shown below:

URGENT!!!

Good to hear from you, I am tied up right now i need you to walk down to the store and get me iTunes gift card or Steam gift card 5 pieces – $100 each, Scratched it all and take a picture of them and send it to me here. I would reimburse you when am through, also i would have call you but can’t receive or call at the moment because am in a conference call.

The scammers will also replicate the user’s signature or just steal something that looks like a signature. We have seen entire CV’s copied from a website, complete with head shot & teaching schedule used as email signatures during this scam. I made the example below a bit generic because I did not want it to look like any one person’s signature.

Professor and Department Chair
Office Hours
M/W — 10:00-11:00am and 2:00-4:00pm; F—9:00-10:00am
TR —by appointment (afternoons)
Education
Ph.D., State University,

Or the scammers might flip the closing with the name like below.

Bruiser Bear, Ph.D.

Regards.

This one is fairly straight forward, but likely not at all what Dr. Livingstone’s email signature looks like:

Best Regards,
Linda Livingstone
The President
Baylor University

Adult Content Extortion Emails…Again? Still?

We have seen a high number of emails that look like the one in the image below, but have various subject lines & a different MsgID number at the bottom. Everything these emails threaten is false, including the fact that they sent it from your own email account. The scammers are using a technique called email spoofing, which is the creation of a message with a forged sender address intended to mislead and/or prank the recipient about the origin of the message. This is very common in spam, phishing, & other scam messages. It is the equivalent of placing someone else’s return address label on a letter sent via the postal service.

We are able to block these emails based on the Bitcoin wallet addresses listed, but because they are sent from random email addresses from various free email providers we are unable to stop them all. Please continue to ignore these emails, but also feel free to forward them to abuse at baylor dot edu so that we may continue our efforts to block as many as we are able.

Sample Subject Lines:

  • No longer private!
  • Your friends will be shocked!
  • You dirty dog!
  • I got something from you!
  • You better read this!
  • Your chance!
  • Shame on you!

Scam Emails Asking If You Are On Campus/Available

The scam where you get an email that appears to come from your supervisor, dean, or another higher up at the university is not slowing down. The most common spoofed individuals are the University President, the Dean of the Law School, & the Athletic Director, but the scammers are also imitating department heads & others as well. In the case of these emails, please forward them to ITS via the Help Desk or abuse at baylor dot edu so that we can block that email address from sending to or receiving email from Baylor addresses. There is no danger to your system or the individual’s system that they are imitating as no actual hacking or unauthorized access has occurred.

Some tips to determine that the email is a scam:

  • the email is short, usually one or two sentences & it lacks proper spelling, grammar, capitalization, and/or punctuation
  • the sender’s email address may display the proper Baylor email address of the individual they are imitating, but if you right click & select ‘Open Contact Card’ or click the Reply button the actual address that you will see will NOT be an @baylor.edu email address
  • the sending email address might include baylor.edu but it will NOT be after the @ symbol, meaning it is NOT a Baylor email address
  • the scammers are copying signatures to make the email seem legit, so always verify the email address before replying
  • if they ask you to purchase gift cards for any reason & to send them the codes from the back of the gift cards, cease communication immediately & contact the Help Desk so that ITS can block that email address from communicating further with Baylor employees

Latest News

Instead of the click here to re-activate your mailbox from being permanently deleted or green boxes inviting us to view the entire message, we are seeing a bunch of the previously mentioned extortion scam emails & the ones that come from outside of Baylor but are pretending to be from leadership (your supervisor, deans, the athletic director, head coach, or even President Livingstone) inviting you to respond to an urgent request that cannot be handled on the phone because the sender is in a meeting that they cannot step away from. Although these may not be your traditional phishing emails, they are still scam emails & we wanted to highlight both of them here again. One thing you will notice, especially in the adult content extortion email – the spelling, punctuation, & grammar are odd. This is usually a sign that the email is being run through some sort of language translator & a big indicator that the email is a scam.

Adult Website Extortion Scam (this one is quite lengthy & uses some interesting spacing & line breaks…)

 

 

 

 

 

 

 

 

Fake Request From Leadership Emails (notice the @my.com email address, they have also used Gmail addresses in the past)