Scam Alert: Interesting scam I pretty well fell for

Read the Story

Show Top Comments

One of our managers fell for this last year. Cost him $500. He thought he got an email from our CEO. The scam email came through our “everyone” account. I laughed about it, but found out a week later that manager fell for it. Out of about 800 employees only one got tricked. I guess it just takes one and that’s why these scams keep happening. The tell tale signs were all in the email. It was poorly written, seemed urgent, wasn’t sent from one of our company email addresses. If anyone gets an email that seems out of the ordinary please please do yourself a favor and run through the bs test. Edit: Let me answer some of the points that some people pointed out below. 1. We have 2 mandatory tests the entire company must complete every year for IT security and email security. 2. Our company sends our reminders regarding phishing emails probably every quarter. If we are not sure about an email we are asked to contact our IT security team. 3. Our IT security team sends out fake tester emails to see who gets tricked and to raise awareness. 4. The manager was male around late 40’s. So it can happen to old or young, male or female.


I work in IT and you wouldn’t believe how many people fall for this every day.


With many email servers, it can be confusing. They allow mail to come in with a return address of from outside. So it looks like internal email. Our shop modified the mail transfer agent to add [External] to the subject line of any email coming through the gateway. That helps alert you into not an internal email. We’ve also had to do the same to the phones to keep people from spoofing internal numbers that would show up with the right name on the caller I’d.


You didn’t spend $1,200 of your own money because of an email, did you? So those gift cards went on a company credit card, right? “Uh, boss, I accidentally bought $1,200 worth of gift cards, but it’s a scam that I caught just in time. So, uh, now that I have the gift cards, should we just give them out to everyone?” Sounds like a reverse scam to me… 😉


I wonder if this is what scam was sent to me. I received an email from the president of the company. We have over 4000 employees, and aside from annual meetings, I have absolutely zero contact with him. The email said something like, please respond to this email, I have something private to talk to you about. It was written with such poor grammar that all I could do was laugh. Then I looked at the email again, and the name of the sender was correct, but it was some bogus Gmail.