Spoof emails are attempts of online money scams which use the mimicking of emails addresses so that may look like those used by the priests and religious in our Archdiocese.
These incidents took place in our Archdiocese in July and September-October 2018.
These spoof emails usually start with an innocent question or remark which draws a response from the recipient. For example “I need a favour from you, please email me back”. If the email recipient replies, he/she identifies himself/herself as a potential victim to the scammers.
Be wary when receiving emails from addresses you are not familiar with. And when in doubt, contact the person by other means.
Read on to empower yourself and learn how to handle spoof/fake/fraudulent emails.
How to spot a spoof/fake/fraudulent email?
- The email address is different from the organisation’s regular domain name (e.g. catholic.org.sg)
- It is sent from a different address (usually a free email account) than what is usually used by the sender
- The email was completely unexpected, uncharacteristic of the sender and out-of-the-norm
- It may use a greeting or salutation that you’re not familiar with or seems out-of-the-ordinary
- It may contain spelling, grammatical errors or sentence structures which seems abnormal
- It may contain an urgent call-to-action or to request urgent help (e.g. log in to your account now, or an appeal for urgent help)
- It may start with quick question or remark which draws a response from the recipient (e.g. Are you available, I have an Urgent Request)
- It may request your assistance to purchase an electronic voucher or gift card because the sender cannot for whatever reason
- It may request personal information such as user name, password, etc and may lead to an official-looking website (always double-check online for official website addresses)
What should I do if I receive a spoof/fake/fraudulent email?
- Do not reply to the email or contact the sender in any way. If you do, you identify yourself as a potential victim to the scammers
- Do not open any attachments or click on any links on the email. It may lead to a virus or malware infection
- Report the spoof/fake/fraudulent emails to the respective email service providers. Learn how to do it here (read Part 2 – Reporting Scams on Different E-mail Accounts)
What should I do if I’ve already got scammed or provided sensitive information?
- Contact the police and make a report here
- Contact the relevant organisation/s that you may have given details about (eg. your bank, credit card company, etc)
Note: Members of clergy, the religious, and Archdiocesan organisations without catholic.org.sg email accounts should request an account now.