As many of you may recall, email scammers targeting our church staff and members have several times over the past few years sent out fake emails looking like they come from our minister or other staff, asking the recipients to contact them or do them a quick favor (often involving the delivery or transfer of gift cards).
On Thursday, August 10, we were alerted to yet another new round of these phishing scams, this one sent to Nurit Gordon, our church administrator, from “Pastor Rev. Jeremiah Lal Shahbaz Kalendae.” The full text of the message was:
From: Pastor Rev. Jeremiah Lal Shahbaz Kalendae <mailoffice5502@gmail.com>
Sent: Thursday, August 10, 2023 6:33 PM
To: admin@uusm.org
Subject: Chloe Vaughthello, is this a good time to talk to you?
As you may note, however, although Rev. Jeremiah’s name was in the “From” line on the note, the email address the note came from – mailoffice5502@gmail.com – is NOT a uusm.org address, and it does NOT belong to Rev. Jeremiah or anyone else at our church. So if you receive a copy of this note, or anything similar, please:
- DO NOT click on it or respond, and…
- DO look at the sender’s email address. If the note does not come from a uusm.org address, it does not come from anyone at our church, and you should just ignore and/or trash it.
Unfortunately, these notes, using a technique called “spoofing” to make them look like they’re coming from someone familiar when they’re not, are not traceable, and each time we’re hit with one, it comes from a different untraceable address than the last round, with slightly different message text, which further muddies the waters. So there’s really nothing we can do besides give people a heads up and remind everyone that if something about a note like this looks or feels even bit off (such as using the awkward honorific “Pastor Rev. Jeremiah Kalendae”) or if it contains a request for a personal favor or contact from someone who may not usually make such a request, you should definitely trust your gut reaction, know that it is not a legitimate request, and not engage with the message.
