E-mail impersonation scams that involve gift card requests were prevalent over the past Christmas holiday season, and some dioceses, churches, clergy and other congregational leaders continue to be targeted.
A common tactic in these scams (also known as “phishing”) is to send e-mails that appear to be from the recipient’s employer or a leader of an organization that the recipient is affiliated with (or, in church contexts, the e-mails might appear to be from the rector or a bishop). The scam e-mails say that urgent help is needed and request that the recipient buy and electronically send gift cards from a specific company, commonly Amazon, iTunes or Google Play.
These scam requests appear to come from a legitimate e-mail account of a known person. They usually convey a sense of urgency. They often incorporate a signature line that looks legitimate at quick glance.
Gift cards are favored by scammers because, once they’ve got the code from the back of the card, the money is as good as in their hands and nearly impossible to trace.
What to do:
- Inform your congregation about these phishing scams and reinforce the message that clergy and church leaders will never ask for emergency aid or donations in this way.
- Be skeptical of unexpected e-mail requests to send or spend money.
- Read with caution any e-mail that asks for gift cards. Look for tell-tale typos and grammatical mistakes, and double-check sender e-mail addresses for authenticity.
- If you believe a request may be authentic, phone the requester to confirm.
- Find more information about phishing scams, including how to report them, at www.consumer.ftc.gov/articles/0003-phishing.