We’ve been seeing these emails from time to time. Someone pretending to be our senior pastor and asking staff members to do them a quick favor, which leads to asking for gift cards, and please hurry.
None of our staff have fallen for this. But, I got word this morning that it was just tried on some of our lay leaders to their personal addresses. (If you really dig around our website, you can find them, published in bulletins and such. That’s another story.)
My main question is - when this happens, is it worth reporting to the email provider or police or anything? Or, just keep training and reminding people to delete them and move on?
I report it when it’s gmail but I’m sure it’s an exercise in futility.
To me, the important thing is to train people. Our Sunday bulletins explain the scam. Priests mention it at the pulpit and there is a notice on every “giving” web page. I have been very please by how sophisticated our staff and parishioners have become.
Absolutely train your staff and lay leaders. In addition, sometimes it’s possible to do some things in software. Using the example above, almost always they impersonate the person at the top of the organization. For us, that is usually the senior pastor. But they use some other email address, even though they put the pastor’s name in the From field. With some email systems like Google Apps for nonprofits you can create a rule that says if the From field has a specific name, but not a specific email address it can be blocked or at least an alert when the recipient opens the email telling them they should be careful.
We had enough of these coming from our senior pastor and associate pastor that I set this up and it’s helped–at least for staff.
Train your team. There is no other way to combat this. We negotiated a huge discount for anyone mentioning they were referred by MBS for KnowBe4.com. They are best of breed, and no proceeds come to us from this. Here’s a link to our links page that explains it: Solutions and Apps - Ministry Business Services.
Always report these to ic3.gov. Your piece of data-- even if from a gmail address-- may be the dot that connects other dots and helps the FBI to nail these guys.
Update. I sent the following all-church email yesterday after about 5 reports of non-staff getting a similar email (it’s now up to 9). Two of them responded to the original and were then asked to get an ebay gift card (to pass on to a widow, please hurry, I’ll pay you back). Fortunately, none of our people have fallen for it, that I know of.
It has come to our attention that several of our church members have received emails today that claim to have been sent by Pastor Ritch asking for a “favor.” Please know that these emails are a fraudulent scam by someone impersonating Ritch using a false email account. This sender requests that the recipient purchase several high-value gift cards and then send the gift card numbers back to them via email.
We have no evidence that any of our database or church management systems have been hacked or compromised. All of the recipients have been church members whose email addresses are publicly connected to the church (i.e., listed as a person to contact for a specific ministry on the church website). No action is required on your part to secure your information, but it is urgent that you remain alert and very cautious of any email that seems out of the ordinary, even from someone you know. Here are some tips to keep in mind:
If something seems suspicious, reach out by another means.
If it doesn’t look legitimate, forward the email to me (email@example.com), and I can help confirm whether it is a valid request.
If you’re still unsure, do not respond or take action before you follow up with the ’sender’ (whether that is Pastor Ritch or any other person you know) by using another method of contact, like a phone call, or if you’re in the neighborhood, stop by the church office.
Keep in mind that scammers will say anything to persuade you to give them your personal information, to send some form of money, or to click a malicious link.
We have seen these emails come across… but mostly to our staff, luckily they are trained NOT to take any emails from our “senior pastor” to heart, because our SP ADMITTEDLY does not do email. We think that the string of virus emails are from bots scanning our staff directory page on the website, that included “mailto:” links for everyone. Since then, we have taken that link off, and have created a contact form on the site, LUCKILY… have not seen any emails since… so hopefully the problem is solved.