The issue with E-mail Impersonation Fraud has been resolved.
If you are still experiencing service issues please contact the OIT Service Desk: https://oit.duke.edu/help
Posted Jul 19, 2018 - 10:59 EDT
Monitoring
The IT Security Office has recently received several reports of email fraud attempts where attackers are attempting to impersonate Duke staff.
These attacks usually attempt to impersonate staff members in management positions and follow the same general format:
*1*. The attacker registers an email address with an external email provider (ex: Gmail) that appears as if it may be a personal email account for the person they're impersonating.
*2*. Utilizing publicly available information to determine targets, the attacker then sends a message to users they suspect may work with the person they're impersonating. These messages are usually simple in nature and ask a question such as "Are you available?" or "May I ask a favor of you?".
*3*. If the user responds to the message, the attacker will respond to begin their fraud.
Any email message from a Duke employee not originating from a duke.edu email address should be treated with suspicion. As always, any suspicious message can be reported to security@duke.edu for evaluation.