Security Awareness: How to Recognize and Report Email Impostoring


Cybercriminals send fraudulent emails to their target with the sender-name of a known person such as a high-level executive in an organization.  However, the imposter's sender email address will not be a valid email address using the organization's domain name, such as  Organizations like ISU are a target for email impostor scams due to a large number of user accounts in our campus community and the large amount of sensitive data maintained by the university.  The sender is attempting to get the target to respond to the request and take action to participate in the scam. 

Common Email Scams

  • Requesting the recipient to buy gift cards for a contest or office gift and provide them to the sender. 
  • Fake job offers.
  • Change to bank account and direct deposit information.
  • Requesting institutional information.


Below is an example of an impostor email.  When you receive an email asking you to take action such as following a link and responding, take caution and examine the email to determine if it is a trusted sender.


A- Check both sender name and sender address.  If the sender address is a free to use email domain like or and others it is highly probable that it is an impostor.

B- Does the email have a yellow banner indicating an external sender?  That does not automatically mean it is fraudulent but you should slow down and  examine the email more closely.

C- Incorrect grammar is common in impostor emails.  Look for grammar errors as an indicator that the message is fraudulent.  

D- An urgent, immediate requests for a response are indicators that the email is fraudulent. 

E- Be especially careful following links.  Look carefully at the address in the web browser. 

F- Phones commonly only show the sender-name and do not show you the EXTRA careful if using your mobile device and ALWAYS check the sender email address. 


Be careful reading and responding to email.  Report any suspicious email to  If you believe that you might have revealed sensitive information about your ISU account, such as your password, then please reset your password immediately at and contact the ISU OIT Technology Support Center at 812-237-2910

Additional Resources

See related articles for more information about how to stay safe online. 

100% helpful - 2 reviews


Article ID: 117957
Thu 10/8/20 2:38 PM
Mon 6/5/23 12:05 PM

Related Articles (2)

Making the most of technology safely and securely can seem overwhelming and confusing. However, regardless of what technology you are using or how you are using it, here are four simple steps that will help you stay secure.
This article describes the steps to take and what to look for in an email to help you identify an email phishing scam and protect your personal information. This article is for students, faculty, and staff.