The Office of Technology has received many reports of directed email scams targeting TWU faculty and staff in an attempt to get the recipient to purchase gift cards and to email the gift card numbers to the attacker. If you receive such a message, DO NOT RESPOND.

How to identify these attacks

In these attacks, TWU faculty and staff are sent email pretending to be from university leaders, typically deans, directors, or department heads. The emails arrive from random email addresses that are sometimes crafted to trick the recipient at first glance but are not really from a TWU.EDU address. For example, the email may arrive from “bobgreen.twu.edu@gmail.com” or “bobgreen@xyz.com” but not from “bobgreen@twu.edu”. The name of the person sending the email is changed to the name of the university leader (e.g. “Bob Green”). Sometimes the sender is hoping that the recipient will not notice that the email is not from TWU but in other cases it has purported to be from the leader’s personal email account. The email attacks sometimes begin with an email such as “Are you available?” and if someone responds, the attacker posing as the leader explains that they are caught in a meeting, can’t take calls and need the recipient to buy gift cards for them and will reimburse them later. Other attacks have had the “please buy gift cards for me” message included in the first wave.

Prevention & Response

These attacks are taking place at universities across the country. Due to the use of random senders and the commonplace text in the emails of these attacks, the Office of Technology is unable to prevent them without blocking legitimate email. Awareness is the best prevention: If you receive such a message, do not respond.