Gift Cards Anyone? A ‘Good’ Email Scam

Two Really ‘Good’ Phishing Email Scams

Our bookkeeper received an email that looked like it was from me. It was from Catherine Wendt and the email address was text@tmobilelte4g.com.

It said I was thinking about an Employee Incentive program and I’d like to ‘spring some surprises and put a smile on some faces today.’ Then I asked her to purchase some gift cards ‘today’ and suggested Google Play/Best Buy/and Target. The final touch was to keep it confidential until we give them out and it was signed ‘Catherine’ from my mobile phone.

She didn’t see it until later in the day so she wasn’t able to get all of this done. She went to Mary and apologized and said she’d get to it right away. Interesting…

So a couple of things:

-We don’t use T-Mobile
-My ‘From’ email is ‘Cathy Wendt,’ not ‘Catherine’
-I don’t send last-minute things like this; I always give the staff advanced notice; they’re busy!
-I don’t send email through my phone very often
-I was actually at the office all day on the day it was sent, right down the hall!

Mary knew all of this and was very suspicious, so she asked to see the email and helped Diane learn these clues. Diane’s a smart cookie with experience at an IT company; this one was ‘good’ though!

The next email was the following week, a Tuesday again, but earlier in the morning. It also said ‘From’ Catherine Wendt, but this time the email address was text@sprintwirelessmessages.com. A very similar request, that we’ve been brainstorming some employee incentives, and would she ‘quietly and discretely’ buy the cards. It said to ‘Revert to this email’ instead of ‘Reply’ and it was also signed ‘Catherine.’

We don’t use Sprint either and there were grammar/word choice errors this time. I think she was targeted since she is a new employee, and they knew just enough about the rest of our company to make the whole thing convincing.

Bottom line? Educate your staff, tell them that you will not make this kind of request via email or text; all monetary requests have to be a phone call. And, anything that says not to tell anyone is automatically suspicious! – CMW