Spear Phishing Wire Transfer Request

Stay alert for phony wire transfer requests which surface at Brown periodically, usually targeting individuals who work in financial or senior level offices. Commonly known as "spear phishing", these emails attempt to impersonate a high-level executive, usually spoofing an email address that may be known or look familiar to the recipient.

The perpetrators of this particular scam may craft fairly believable messages, weaving in specific details, as in the example below that included the actually routing number of the named bank. On closer inspection, however, the reader will notice errors in grammar, punctuation and other clues that something is not quite right. Like most phishing, it tries to elicit a quick response by raising the level of urgency.

From: officepresident06 @gmail.com
Date: Wed, Sep 20, 2017 at 1:04 PM
Subject: Urgent Request
To: [ Brown email address ]

Kindly go ahead to initiate the Wire transfer on my behalf today and process the transfer as the same-day CHAPS Wire transfer instant payment to the beneficiary account. Because it is very urgent and confidential.

Here is the information for the Wire bank transfer:

Account name:  Xxxx Xxxxxx
Account number: 1234567890
Routing number: 987654321
Bank name: XXX Xxxxxxxxx Xxxx
Bank address: 1234 Xxxx Xx Xxxxxxx, XX 123456
Home address: 4321 Xxxx Xx Xxxxxxx, XX 654321

Amount $12,500

The payment is for a project we are sponsoring. I will have the documentation ready before the end of the day.

NOTE: I'm still waiting for the hard cover of the invoice in order to know where to code this transaction, hopefully I should receive it later today or tomorrow,Reference it as donation which I will reimburse by Next week, Please note there is an incoming transfer coming soon, I will let you know when the beneficiary company get in touch with me. Get back to me with a copy of the payment slip via email once you get the Wire transfer done.

Phishing Email (on campus)

Written by pfalcon@brown.edu on