Fraud Emails on the Rise
September 27, 2018
Dear Faculty and Staff:
In recent weeks we have seen multiple criminal attempts via email to either gather
sensitive information, disrupt operations or defraud the university.
These emails typically involve spoofing familiar names and email addresses in attempts to engage you in deceptive actions. This week, the message below was received by several employees:
Hello,
Do you have a moment. There is a document i recommend you take a look at <link removed>.
Regards.
Ira Kincade Blake
Office of the President
The email's subject line included the words, "[External – Whitelisted]." Upon close inspection, the sender's email address pointed to a Gmail account, rather than a legitimate UHCL address.
Two weeks ago, a UHCL employee was targeted by criminals who attempted to steal funds
through a fraudulent wire transfer. This attempt included an exchange of fake e-mails
from the "Office of the President" that directed the employee to initiate an urgent
wire transfer of university funds to a private bank account. The criminals knew or
surmised that the recipient had budget authority. Fortunately, the exchange quickly
aroused suspicions and was determined to be a scam.
These messages are not unique to UHCL. Employees elsewhere in the UH system, in other
universities and in organizations nationwide have been seeing similar attempts.
Individuals have also been targeted through similar scams involving personal banking,
investment and retirement accounts.
What should you do?
- Be skeptical of all messages you receive asking you to provide financial or personal
information. This pertains to your personal accounts as well as those you use for
conducting university business.
- If you receive a request via email or a phone call requesting a wire transfer or other
fund movement, regard it with suspicion – even if it appears to come from university
administrators or known financial institutions. In the case of university transactions,
you should be sure to follow all official university policy and procedures regarding
processing of any fund transfer requests.
- Should you receive a suspicious email, notify University Computing and Telecommuting,
following the directions on the Spam Management page.
- Do *not* reply back to an email or click on links in the message – even if the message appears to be legitimate. Instead, call the apparent sender to verify the request or use the steps that the FBI recommends below.
FBI recommendations:
- Be suspicious of requests for secrecy or pressure to take action quickly.
- Establish other communication channels, such as telephone calls, to verify significant
transactions. Arrange this second-factor authentication early in the relationship
and outside the e-mail environment to avoid interception by a hacker.
- Immediately delete unsolicited e-mail (spam) from unknown parties. Do NOT open spam
e-mail, click on links in the e-mail, or open attachments. These often contain malware
that will give subjects access to your computer system.
- Do not use the "Reply" option to respond to any e-mails requesting funds. Instead,
use the "Forward" option and either type in the correct e-mail address or select it
from the e-mail address book to ensure the intended recipient's correct e-mail address
is used.
- Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via their personal e-mail address when all previous official correspondence has been on a company e-mail, the request could be fraudulent. Always verify via other channels that you are still communicating with your legitimate business partner.
What are we doing?
UHCL has implemented business rules and procedures designed to guard against financial
fraud and protect the validity of all transactions involving payment transfers. These
procedures include requirements such as multiple authorizations, backup documentation
and other controls. It is important that all procedures are followed every time.
If you have questions or concerns about any requests involving fund transfers, please
notify Deja Sero in UHCL Administration and Finance by calling 281-283-2100. Also,
we are interested in hearing your suggestions for ways our financial transaction processes
can be made more secure. Send your suggestions to BudgetOffice@uhcl.edu.
Thank you for your continued diligence in making UHCL more secure.
Sincerely,
Ira K. Blake, Ph.D.
President