HSC Information Security in collaboration with ITSS Messaging and Online Services announces an initiative to combat pervasive executive email impersonation.
Have you received an e-mail from one of our HSC executives or, maybe even your supervisor, asking you to text them, and then to buy them some gift cards? You’re not alone. It’s a very pervasive and persuasive scam where an attacker uses public knowledge of a company’s organizational chart to send fake messages to employees pretending to be their supervisor or another executive within the company. The full scam usually comes to light when the victim is asked to purchase several hundred dollars in gift cards and to send photos of the codes through texts or another unknown email address.
On, Friday March 19th, HSC Information Security hopes to end most if not all executive email impersonation attempts by deploying a tool from Microsoft called “Advanced Threat Prevention for VIP’s”. This tool will help our users avoid being victims of this scam by either blocking messages purporting to come from one of our HSC leaders or by placing a warning in the body of a received message letting the recipient know that the sender’s email address isn’t the usual address that sender uses.
The blocking and tagging of these messages in such a way is intended to give our HSC mail users more details to make an informed decision about the veracity of a messages origination and its true intent.
These changes are not expected to cause any disruption to the receipt of legitimate email.
For more information please contact informationsecurity@unthsc.edu