We have received reports of an e-mail impersonation scam, referred to as “Display name spoofing” that has been going around from a handful of fraudulent e-mail addresses spun up for the purpose of conning our users. The fraudulent e-mail addresses spun up will contain the “display name” of a real WCSU user but the e-mail address will be one the scammers created just for the scam.

Please reference the SANS poster “ opens in a new windowDon’t get Hooked!opens IMAGE file ”, Phishing indicator A as well as the other indicators to lookout for, and “ opens in a new windowThe Evolution of Friendly Name Spoofingopens IMAGE file ” for more information on the family of related e-mail scams. We are evaluating visual warnings for external e-mails sent to our users as a potential additional indicator.

Below is a redacted example of what the impersonation messages may look like: (The scammers are phishing for victims to respond so they may keep the initial e-mail brief to reel you in.)

If you respond, you may get a response such as this:

Please do not fall for these scams. Be especially cautious when responding to e-mails from a mobile device as they may not show you the sender’s address without clicking on the “Display name” or a link to “View details”.

If you do receive a scam like this, please “Forward as Attachment” to opens in a new windowphish@office365.microsoft.com and/or notify the ITI Service Desk for assistance