Quite a few people have reported a scam that is becoming common on campus and some have reported losing hundreds of pounds of their own money to scammers.
Scammers are sending email from various external email accounts claiming to be from senior members of departments. These are often highly targeted so that the person they are claiming to be will be in the same department as the intended victim. The emails are usually from Gmail accounts, but could be from other email providers.
The scam starts by asking a simple question like “Are you free?” or “Have you got a moment?”
If you respond, the scammer will send further email. The scammer will often say that they are stuck in a meeting or conference and cannot phone and will ask you to buy some gift cards urgently, with a promise to repay you. These are normally iTunes or Amazon gift cards or vouchers, but could be from any company that issues vouchers with a scratch off or electronic code.
The scammer claims that they need these urgently for a gift, often for a nephew or niece, and the amount will typically be £300 or more. They will ask you buy the vouchers or gift cards and send the codes. They may simply ask you to reply to the email or send them to a different address that they will claim belongs to the person who they want the gift for.
The scammer then uses the gift card and you lose your money.
How can I protect myself from this type of scam?
Remember that fraudsters want you to act without thinking so will try to make the matter seem urgent.
If you receive a request to do anything unusual, and particularly where money is involved, stop and think; is it likely that this would be happening?
All the recent examples have used Gmail accounts or similar. Colleagues will normally use their University email to contact you, so be extra careful if they appear to be contacting you using a Gmail account or similar. Anyone can set up this type of email address and pretend to be somebody they are not.
Sometimes hackers will take control of a University email address so you should still be suspicious any email asks you to do anything unusual and unexpected.
What do I do if I have bought the gift cards?
Contact the gift card issuer immediately to see if they will cancel the cards and refund you. We know of one person who was successful because as soon as they had sent the codes realised they had been scammed and managed to get the gift cards cancelled before they were used.
You can also report the scam to Action Fraud (https://www.actionfraud.police.uk).
You can also seek further advice via the IT Service desk (http://www.itservicedesk.bham.ac.uk).
Why can’t IT Services block these messages?
Scammers send messages that are short with legitimate phrases and the names of University members in them. If we block emails containing legitimate phrases and the names of University members we will block a lot of useful email.
We often get asked to block the senders email when these scams have arrived, which we can do, but this is almost always too late as people tend to reply immediately if they are taken in by the scam. New sender email addresses are created for any future attacks so this will not stop them the next time.
Some of the people sending these emails use sender addresses that start or end with the same few characters. When we see this happen we block future emails that start or end the same way if it is safe to do so. The scammers do change details of what they do over time, so this only helps in the short term.
What should I do if I receive such a message?
In most cases, the best thing to do is delete it.
If it is unusual or different, you can report it following the guidelines in https://kb.bham.ac.uk/KB12173
You can also report the scam to Action Fraud (https://www.actionfraud.police.uk).
