Phishing Alert - CEO Fraud Email

Information Security has observed a new sophisticated phishing attack commonly referred to as Business Email Compromise or CEO Fraud.

Why

This style of phishing attack spoofs the sender's address so that the message appears to come from an authentic WPI.EDU email address. It is a social engineering scam in which cybercriminals spoof company email accounts and impersonate executives or colleagues in an attempt to execute unauthorized wire transfers, collect confidential tax information, or even request the purchase of gift cards.

Impact

These fraudulent emails look perfectly legitimate, but when you reply, the address will change to "replyreplaynow@gmail.com" or some other non-WPI.EDU email address. Please do not engage the fraudsters; report these messages to its@wpi.edu or phishing@wpi.edu.
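
The reply-address change described above can be checked from the message headers: the From line claims a WPI.EDU address while the Reply-To header points somewhere else. The following Python is an added example, not WPI's own tooling; the function name, the sample messages and addresses such as executive@wpi.edu are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

TRUSTED_DOMAIN = "wpi.edu"  # the domain the alert says is being spoofed


def _domain(addr):
    """Lower-cased domain part of an address ('' + whole string if no '@')."""
    return addr.rpartition("@")[2].lower().rstrip(".")


def _is_trusted(domain, trusted=TRUSTED_DOMAIN):
    # Accept the domain itself and its subdomains, but not look-alikes
    # such as "wpi.edu.example.com" or "notwpi.edu".
    return domain == trusted or domain.endswith("." + trusted)


def reply_to_mismatch(raw_message, trusted=TRUSTED_DOMAIN):
    """Return external Reply-To addresses when From claims the trusted domain.

    An empty list means either the sender does not claim to be internal,
    or a reply would stay inside the trusted domain.
    """
    msg = message_from_string(raw_message)
    from_addrs = [a for _, a in getaddresses(msg.get_all("From", [])) if a]
    if not any(_is_trusted(_domain(a), trusted) for a in from_addrs):
        return []
    # With no Reply-To header a reply goes back to From, so nothing to flag.
    reply_addrs = [a for _, a in getaddresses(msg.get_all("Reply-To", [])) if a]
    return [a for a in reply_addrs if not _is_trusted(_domain(a), trusted)]


# Constructed sample messages (not real mail).
SPOOFED = (
    'From: "Example Executive" <executive@wpi.edu>\n'
    "Reply-To: replyreplaynow@gmail.com\n"
    "To: staff.member@wpi.edu\n"
    "Subject: Are you available?\n\n"
    "I need a quick favor.\n"
)
INTERNAL = (
    'From: "Service Desk" <servicedesk@wpi.edu>\n'
    "Reply-To: ServiceDesk@WPI.EDU\n"
    "Subject: Ticket update\n\nYour ticket was updated.\n"
)
NO_REPLY_TO = "From: colleague@wpi.edu\nSubject: Lunch\n\nNoon?\n"

if __name__ == "__main__":
    for name, raw in [("SPOOFED", SPOOFED), ("INTERNAL", INTERNAL), ("NO_REPLY_TO", NO_REPLY_TO)]:
        print(name, reply_to_mismatch(raw))
```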

Action Needed

Do not reply to the message. Please report suspicious email to the IT Service Desk.

Details

Image of an email spear phishing attempt

An example email of a spear phishing attempt

Image of the email To field showing that this address is not legitimate

When looking at the sender, note that the address is not a legitimate WPI address


Timeline

Posted: 11 June 2019, 8:15 PM

Start: 11 June 2019, 7:30 PM

Status

Completed


Audience

Alumni, Emeritus, Faculty, Staff, Students