If you receive an email that appears to be from someone in leadership (President, VP, Dean, Chair, Athletic Director, etc) that is asking if you are available or on campus to complete a task, please over analyze the email address (not just the display name that shows up in your email program). It is likely that this is a scam email that will ask you to purchase hundreds of dollars of gift cards (usually iTunes or Google Play, but there have been others requested as well) & then to send the codes on the backs of the cards to the scammers. They will claim that they cannot talk on the phone due to the meeting & that they need the cards immediately to give to an important donor, award winner, alumni, etc. Gift card purchases are usually non-refundable so even if the scammer doesn’t get the money from the cards, it is unlikely that you will be reimbursed if you purchase them. Please forward any emails you receive that appear to be part of this scam to abuse at Baylor dot edu.
Below is an example of this scam’s initial or secondary contact before they actually tell you what the task is, notice how poor the grammar tends to be in the scam emails – we all make mistakes in our writing, but phishing & scam emails are usually much worse. Also notice that the sending email address, although it has Baylor & edu in it, they are before the @ symbol & this scam email is actually coming from a Gmail address (another popular example is to use a hyphen, like Bruiser-Bear@outlook.com).
Here is the text when they ask for the gift cards, it isn’t always exactly like this but the general message is always similar to what is shown below:
Good to hear from you, I am tied up right now i need you to walk down to the store and get me iTunes gift card or Steam gift card 5 pieces – $100 each, Scratched it all and take a picture of them and send it to me here. I would reimburse you when am through, also i would have call you but can’t receive or call at the moment because am in a conference call.
The scammers will also replicate the user’s signature or just steal something that looks like a signature. We have seen entire CV’s copied from a website, complete with head shot & teaching schedule used as email signatures during this scam. I made the example below a bit generic because I did not want it to look like any one person’s signature.
Professor and Department Chair
M/W — 10:00-11:00am and 2:00-4:00pm; F—9:00-10:00am
TR —by appointment (afternoons)
Ph.D., State University,
Or the scammers might flip the closing with the name like below.
Bruiser Bear, Ph.D.
This one is fairly straight forward, but likely not at all what Dr. Livingstone’s email signature looks like: