Widespread E-Mail Scams Targeting Faith-Based Organizations
​and Local Government Employees
UPDATE ON THE PHISHING SCAM:
  1. Please see full text below from URJ partner Secure Community Network (SCN) with details about the current scam
  2. If your congregation was targeted (your rabbi’s email was copied and your congregants received requests for gift cards because the rabbi was supposedly in distress) it’s very important that you report it here to the FBI's Internet Crime Complaint Center at: ic3.gov The more people who report – clergy, staff, lay leaders, and congregants from the same congregation – the more data the FBI will have to work with. It is really hard to shut these scammers down, but more reports help.
  3. Learn more from this article: https://forward.com/news/national/439290/gift-card-email-scam-rabbi-clergy/


Overview

Over the last several weeks, employees of multiple local/municipal government and faith-based organizations, to include Jewish institutions, throughout the United States have received emails from individuals claiming to be members of the recipient’s organization or local community. There have been increased reports of these events over the last week.

In all reported incidents, the email begins with a request for a favor from the recipient. In incidents where the recipient has responded to the email, the sender claims to be unavailable, due to a meeting or other reason, and requests that the recipient purchase gift cards for a named retailer in specific monetary amounts. The sender further directs the recipient to provide the number and PIN information for the gift cards, via email, once the cards have been purchased.

In each incident, the email has been sent from a Gmail address created to mimic a legitimate organization email address. Additionally, all reported emails have contained signature blocks that are accurate to the institutions they are attempting to imitate.
A similar effort was reported by numerous organizations in July 2019.

CyberAttacks - Overview

The number of cyberattacks, to include ransomware demands and phishing emails, has risen steadily over the past few years. Hiscox, a global specialist insurer, conducted a review of cyber attack trends among firms spanning 15 business sectors, to include non-profit organizations, and found that in the United States in 2019, 53% of firms reported a cyberattack, as compared to 38% in 2018. They also found that smaller firms are increasingly likely to be targeted (47% reported one or more incidents in 2019, as compared to 33% in 2018).

Phishing techniques, and more recently, spear-phishing techniques, are common methods of cyberattacks. Such methods involve crafting messages, pretending to be sent from a trustworthy source, which in fact contain malicious links or documents allowing the cybercriminal to access systems and sensitive information. Spear phishing, which has become increasingly common in recent years, involves making malicious messages more personal, creating phishing emails with identifiable personal or corporate information. Under the guise of the messages being sent by a trusted source, the user is more likely to click on a malicious link or document.

Cybersecurity Best Practices
To ensure the safety and security of online information, the following steps are recommended:
  1. When someone is requesting the transfer of funds, the purchase of gift cards or the donation of things of monetary value, confirm the legitimacy of the request directly with the alleged sender through a means other than how you received the request (e.g., telephone the person to confirm the request if it was received over email).
  2. Always check email addresses to confirm that they are coming from the legitimate sender (not a fake account made to look real). Avoid any links or files shared by individuals that cannot be contacted outside of email correspondence.
  3. Never exchange sensitive information over email, to include passwords, PINS, or information that can be used as personal identification (e.g., birthdays, social security numbers)
  4. Use complex and unique passwords to prevent unauthorized account access. Two-level authentication, such as requiring a password and a text message to log in, can provide additional protection.
  5. Regularly update antivirus software, firewalls, emails filters, and anti-spyware to prevent unnecessary risk and criminal access.


Impact to the Jewish Community Recent events, to include the information contained in this report, demonstrate a continued interest by cybercriminals to target Jewish institutions, organizations, and interests with cyberattacks. Leadership and security personnel are encouraged to review and update cybersecurity policies and procedures on a regular basis in order to identify potential vulnerabilities, and train staff in recognizing potential harmful emails, links, and sites. SCN has been in touch with relevant partners and will continue to monitor events and provide updates, as necessary.

Resources
Report Suspicious Activity
Follow established protocols to report suspicious activity – to include contacting local law enforcement and/or the relevant suspicious activity reporting authority – and contact the SCN Duty Desk at DutyDesk@securecommunitynetwork.org or by calling 844-SCN-DESK.