How to Recognize and Report Email Impostoring

Introduction

Cybercriminals send fraudulent emails to their target with the sender-name of a known person such as a high-level executive in an organization.  However, the imposter's sender email address will not be a valid email address using the organization's domain name, such as @indstate.edu.  Organizations like ISU are a target for email impostor scams due to a large number of user accounts in our campus community and the large amount of sensitive data maintained by the university.  The sender is attempting to get the target to respond to the request and take action to participate in the scam. 

Common Email Scams

  • Requesting the recipient to buy gift cards for a contest or office gift and provide them to the sender. 
  • Fake job offers.
  • Change to bank account and direct deposit information.
  • Requesting institutional information.

Information

Below is an example of an impostor email.  When you receive an email asking you to take action such as following a link and responding, take caution and examine the email to determine if it is a trusted sender.

 

A- Check both sender name and sender address.  If the sender address is a free to use email domain like gmail.com or yahoo.com and others it is highly probable that it is an impostor.

B- Does the email have a yellow banner indicating an external sender?  That does not automatically mean it is fraudulent but you should slow down and  examine the email more closely.

C- Incorrect grammar is common in impostor emails.  Look for grammar errors as an indicator that the message is fraudulent.  

D- An urgent, immediate requests for a response are indicators that the email is fraudulent. 

E- Be especially careful following links.  Look carefully at the address in the web browser. 

F- Phones commonly only show the sender-name and do not show you the sender-address...be EXTRA careful if using your mobile device and ALWAYS check the sender email address. 

Conclusion

Be careful reading and responding to email.  Report any suspicious email to stop-spoofing@indstate.edu.  If you believe that you might have revealed sensitive information about your ISU account, such as your password, then please reset your password immediately at isuportal.indstate.edu and contact the ISU OIT Technology Support Center at 812-237-2910

Additional Resources

See related articles for more information about how to stay safe online. 

Was this helpful?
100% helpful - 2 reviews

Details

Article ID: 117957
Created
Thu 10/8/20 2:38 PM
Modified
Tue 7/27/21 10:05 AM