A phishy tale

We were in the middle of PRide preparations, and we’d had a Committee meeting the week before. So when I got an email yesterday from Paul, our Chairman, asking me to make a big-money transfer, I wasn’t too worried. I figured he’d negotiated a deal on something to promote what we do.

There wasn’t an invoice attached. First warning.

Answering him on my iPhone, I asked what the payment was for, mentioned that we did have the funds available but we were waiting for someone else to pay us.

He replied to say that he’d spoken to that person on the phone and that the payment was in connection with that… and here are the bank details. Second warning.

Which is when I got really worried – and slightly impressed. I’d heard about this scam before, but the level of effort was quite impressive. Whoever it was had managed to impersonate Paul’s writing style, called me by my first name and emailed the address I use for CIPR stuff from Paul’s work address. If the details of the proposed transaction weren’t so obviously wrong I might have carried on the conversation and revealed more than I should have.

The advice from our bank is to call or see in person the person who sent you the email – not easy to do with members of voluntary groups.

I read the email in three email programs. Mail on my iPhone said it came from Paul. Outlook on my laptop said it came from Paul. Thunderbird said it came from Paul… but that the Reply-To address was different. Reply-To is a perfectly legal email function that allows, say, HM The Queen to invite you to a garden party while your response goes to someone else doing the organising.

Sadly, our modern email clients prevent us from making this simple check by not allowing us to easily see the email headers, or even whether the reply is going to someone / somewhere else. Only Thunderbird did it, and I’m trying to wean myself off that package on to something more up to date.
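For anyone whose mail client hides this, the same check can be run on a message saved as raw text. The script below is an added example, not part of the original post; the sample message, names and domains in it are constructed for illustration.

```python
from email import message_from_string
from email.policy import default
from email.utils import getaddresses

# Constructed sample message (names and domains are made up for illustration).
SAMPLE = """\
From: Paul Example <paul@employer.example>
Reply-To: Paul Example <paul.example@freemail.example>
To: treasurer@committee.example
Subject: Urgent payment

Please make the transfer today.
"""


def _addresses(msg, header):
    """Return the lower-cased addresses found in every instance of a header."""
    values = [str(v) for v in msg.get_all(header, [])]
    return [addr.lower() for _, addr in getaddresses(values) if addr]


def reply_to_mismatch(raw):
    """Compare where a message claims to come from with where a reply would go.

    Returns a dict with the From addresses, the Reply-To addresses and a
    'mismatch' flag that is True when a reply would reach an address that
    is not one of the From addresses.
    """
    msg = message_from_string(raw, policy=default)
    senders = _addresses(msg, "From")
    reply_to = _addresses(msg, "Reply-To")
    # With no Reply-To header, a reply simply goes back to the From address.
    diverted = [a for a in reply_to if a not in senders]
    return {"from": senders, "reply_to": reply_to, "mismatch": bool(diverted)}


if __name__ == "__main__":
    result = reply_to_mismatch(SAMPLE)
    print("From:     ", ", ".join(result["from"]))
    print("Reply-To: ", ", ".join(result["reply_to"]) or "(none)")
    if result["mismatch"]:
        print("Replies go to a different address than the sender shown.")
```

A mismatch is not proof of fraud, since Reply-To has the legitimate uses described above; it is the cue to confirm the request some other way before acting on it.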

It’s only a matter of time before one of us is caught out. So, if you do get an email like this, and you want to query it, and you can’t easily get hold of the sender – forward it, don’t reply to it.

PS. Being unemployed, with no-one to talk to, it did cross my mind to keep stringing them along until they got bored… they did, after all, email me last night and again this morning…
