Grand Canyon Synod of the ELCA


Scammers are impersonating bishops, asking for money and gift cards

We have recently learned that Bishops in other synods have been impersonated. The scammers are using email, posing as the Bishop and asking for money and gift cards. The emails appear quite legitimate and in some cases use the synod logos.

Please be assured that Bishop Hutterer would not solicit donations in this fashion.

If you receive any request of this nature, or are ever uncertain about the legitimacy of a communication that appears to come from the Bishop, please contact the Synod office as soon as possible. Do not reply to the suspicious message itself; use the Synod office phone number or email address you already have on file.

Thank you for your vigilance and your help!


More info from the ELCA:

Jonathan Beyer, Executive for Information Technology with the ELCA, shares this response:

We conducted more analysis and brought in the security advisor we have under contract at Churchwide for their assistance as well. We did not discover any compromise of churchwide lists, but in analyzing the emails we noted some key findings:

  1. The spoofing and phishing attack was very targeted and planned.

  2. Potentially multiple attackers working together, given the different message styles; for example, the afternoon second email is different from the evening second email.

  3. Likely that recipient emails were lifted from websites, social media, or third-party email provider compromised lists for sale on the dark web.

In conducting the analysis, we have several recommendations:

Communication

  • If not already done, post message to Bishop’s listserv that email spoofing attacks are currently taking place targeting Bishops and Synod rostered leaders;

  • We recommend having Synods send an email to leaders / congregations alerting them to email spoofing and to be on the watch for look-alike personal email addresses impersonating Bishops; only respond to official Synod email addresses.

  • Recommend that synods, especially Bishops who are a target, reset any Synod related passwords in the event of any compromise

Tactical - General prevention tips:

  • If you don’t change your password regularly, do it today

  • Avoid posting emails, list of emails, or documents containing emails without protection on websites / social media

  • Avoid using personal or free email addresses such as Gmail, Yahoo, etc.; these are more vulnerable and easy to fake with look-alikes.

  • Implement two-step verification (e.g. email and phone call) for any financial transactions or wire transfers

  • Provide security awareness training to staff and rostered leaders. Here is a link to a webinar that we conducted in April that may be a good starting place: https://www.elca.org/Resources/Information-Technology#Webinars We also have a good phishing avoidance piece posted on ELCA.org.

Strategic - Implement defensive security and email controls

Report to Law Enforcement: Provide details of attacks to the FBI; they may correlate any small cases with larger cases they are working on.
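The warning signs described above (a bishop's name on a personal or free email address, a look-alike domain, replies steered to a different account) can be turned into a simple inbound-mail triage check. The following is an added example, not part of the synod notice or the ELCA response; the official domain (synod.example.org), the roster surname, and the sample messages are hypothetical and constructed for illustration only.

```python
"""Triage inbound mail for bishop-impersonation patterns.

Three checks, each based on a warning sign from the notice above:
  1. the display name (or address local part) names a roster leader, but the
     message was not sent from the official synod domain;
  2. the sending domain is a near-miss look-alike of the official domain;
  3. Reply-To points somewhere other than the From domain.

Added example with constructed data: OFFICIAL_DOMAIN, ROSTER and SAMPLES are
hypothetical, not the synod's real domain, roster or mail.
"""
import re
import unicodedata
from email import message_from_string
from email.utils import parseaddr

OFFICIAL_DOMAIN = "synod.example.org"   # assumed; not the synod's real domain
ROSTER = {"hutterer"}                   # normalized surnames likely to be impersonated
TITLES = re.compile(r"\b(bishop|reverend|rev|pastor|dr)\b")


def normalize_name(name: str) -> str:
    """Lowercase, fold accented letters to ASCII, drop titles and punctuation."""
    folded = unicodedata.normalize("NFKD", name).encode("ascii", "ignore").decode().lower()
    return " ".join(re.sub(r"[^a-z]", " ", TITLES.sub(" ", folded)).split())


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small value between two domains means a look-alike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess(raw_message: str) -> list[str]:
    """Return the reasons a message looks like an impersonation attempt ([] if none)."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, from_domain = addr.lower().rpartition("@")
    reasons = []

    if from_domain != OFFICIAL_DOMAIN:
        tokens = set(normalize_name(display).split())
        # Catch "Bishop Hutterer <...@gmail.com>" and "bishophutterer.office@gmail.com".
        if tokens & ROSTER or any(surname in local for surname in ROSTER):
            reasons.append(f"roster name used with non-synod sender domain '{from_domain}'")
        # Catch one- or two-character typosquats of the official domain.
        if 0 < edit_distance(from_domain, OFFICIAL_DOMAIN) <= 2:
            reasons.append(f"look-alike domain '{from_domain}'")

    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    reply_domain = reply_to.lower().rpartition("@")[2]
    if reply_to and reply_domain != from_domain:
        reasons.append(f"Reply-To domain '{reply_domain}' differs from From domain")
    return reasons


# Constructed sample messages (hypothetical addresses); not real mail.
SAMPLES = {
    "legit": 'From: "Bishop Hutterer" <bishop@synod.example.org>\n'
             'Subject: Assembly agenda\n\nAgenda attached.\n',
    "freemail_name": 'From: "Bishop Hutterer" <bishophutterer.office@gmail.com>\n'
                     'Subject: Quick favor\n\nCan you pick up some gift cards for me today?\n',
    "accent_and_reply_to": 'From: "Bishop H\u00fctterer" <bishop.office@outlook.com>\n'
                           'Reply-To: <office.assist@yahoo.com>\n'
                           'Subject: Are you available?\n\nI am in a meeting, reply here.\n',
    "lookalike_domain": 'From: "Synod Office" <office@synod.examp1e.org>\n'
                        'Subject: Urgent\n\nPlease wire the funds by noon.\n',
}


def triage(samples: dict = SAMPLES) -> dict:
    """Assess every sample and map its label to the list of reasons found."""
    return {label: assess(raw) for label, raw in samples.items()}


if __name__ == "__main__":
    for label, reasons in triage().items():
        print(f"{label}: {'OK' if not reasons else '; '.join(reasons)}")
```

The roster match runs on the normalized display name and on the local part of the address, so a name hidden in the address itself is caught as well; the accent folding handles accented look-alikes only, not Cyrillic or other homoglyphs, which would need a confusables table. In practice the same three checks belong in the mail gateway's rules rather than in a script run after delivery.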