FOLLOW-UP &

URGENT



Y's Men Scam Alert -- December 15, 2024

Communications Chief Dick Kalt advised a follow-up to say that if you're asked to buy gift cards for whatever reason do not do it.

If you receive an email that is similar to the one below, which was received by more than one Y's Men member today, please ignore. This is called a spoof. There's a detailed explanation of spoofing below the email. Please read both.

Dear Bill,

Are you available to offer help? I'm currently out of states, but I have perfect trust in you to handle this task for me. The Y’s Men of Westport / Weston requires electronic gift cards in order to make donations to Veterans in Hospice and Palliative care units for the purchase of COVID-19 prevention items. I'm responsible for the reimbursement upon my return. Do you want more information?

Sincerely,

Bruce Borner, President

Y’s Men of Westport / Weston 

Note that while the email appears to come from Bruce Borner, the email address in this case is obviously not Bruce's.

From: Bruce Borner <angel.mendez@uniware.com.mx>

This is not always the case. Sometimes the name and email address are legitimate. However if you click "Reply" often the non-legit email address will show up in the TO: of the reply email.

Spoofing Explained

Spoofing is a type of scam where a fraudster pretends to be someone else to deceive others. In the context of your membership organization, if the president is being spoofed, it means that someone is impersonating the president, likely through email or phone calls, to trick members into believing they are communicating with the actual president.

Here’s a breakdown of how spoofing works and what it means for your organization:

What is Spoofing?

Spoofing involves using technology to disguise the true identity of the sender. This can be done through:

• Email Spoofing: The scammer sends emails that appear to come from the president’s email address. They might use a similar-looking email address or manipulate the email header to make it look legitimate.
• Caller ID Spoofing: The scammer makes phone calls that appear to come from the president’s phone number. This can be done using software that changes the caller ID information.

Why is Spoofing Dangerous?

• Trust Exploitation: Members might trust the communication because it appears to come from a known and trusted source.
• Sensitive Information: The scammer might ask for sensitive information, such as personal details, financial information, or login credentials.
• Financial Fraud: The scammer might request payments or donations, leading to financial loss for members or the organization.

How to Protect Your Organization

1. Educate Members: Inform your members about spoofing and how to recognize suspicious communications. Emphasize that they should verify any unexpected requests for sensitive information or payments.
2. Verify Communications: Encourage members to verify any unusual requests by contacting the president or the organization through known, trusted channels.
3. Use Security Measures: Implement email authentication protocols like SPF, DKIM, and DMARC to help prevent email spoofing. Use caller ID verification tools to detect and block spoofed calls.
4. Report Incidents: If spoofing is suspected, report it to the relevant authorities and take steps to mitigate any potential damage.

By staying informed and vigilant, your organization can better protect itself and its members from spoofing attacks. If you have any specific concerns or need further assistance, feel free to ask!