Phishing for Gift Cards

July 17, 2019

"Hey, are you available?"

It started off innocent enough. On a typical Wednesday afternoon, a staff member received an email from the Dean of his department asking if he was available. Startled by the direct inquiry from her, he reviewed the sparse content, verified her email signature, and replied. The Dean responded that she was in a meeting and couldn't be disturbed by phone, but needed his help purchasing iTunes gift cards for prizes. Eager to assist the Dean, he quickly logged onto Amazon and bought several $50 cards and let her know they were in his office for pick-up. She asked him to send her the activation codes instead, which of course he did. 

It was then that the staff member stopped to think about the transaction more and noticed the email address appearing to be that of his Dean's was actually a fake. In under 10 minutes, the attacker stole $250.

In the past few months, the campus has seen an increase in these types of phishing attacks. The most common form is a short message that starts with something like, "quick help needed," "are you in the office?", or "available?" from a person of authority. Often the messages appear to come from vice chancellors, deans, and department chairs. 

These messages are designed to engage you in a conversation and prey on your desire to help a fellow Berkeleyan out. They will ask you to scratch off the back of the card, take a photo, and send it to the person. At that point, the value of the card passes to the imposter, leaving you responsible for the cost of the gift cards.

While there is no automated way to detect and block these attacks, you can help the community by reporting them to consult@berkeley.edu. The bConnected team will block the sender email so that no one else is tricked from that address.

Be sure to visit our Phish Tank to see other examples of phishing attacks on campus