September 22, 2023

VUMC Enterprise Cybersecurity issues warning against business email compromise attacks

VUMC Enterprise Cybersecurity (VEC) is issuing a warning to VUMC users to be alert for business email compromise (BEC) attacks that impersonate trusted figures.

VEC has recently noticed an increase in BEC cybercrime tactics directed at VUMC users. In this type of cybercrime, a scammer uses email to trick someone into sending money or divulging confidential company information. For example, the culprit poses as a VUMC trusted third party and then asks for a fake bill to be paid or for sensitive information.

The following is a potential scenario you could encounter when someone impersonates VUMC personnel or a VUMC trusted third party:

  1. You receive an email from them that conveys a sense of urgency to respond.
  2. They will ask you to complete a task kindly or quickly. For example, the scammer will use phrases like “I need payment quickly” or “kindly send confidential records”.
  3. The email sender will appear close enough to a trusted third party to be mistaken for one. For example, the email address will appear as john.smith@vurnc.org, but the valid email address is john.smith@vumc.org.

Recommendations on how to stay vigilant against these attacks:

  • Beware of urgency to respond and/or to complete a task.
  • Closely inspect the sender for any misspellings. For example, Jonn.Smith@vumc.org instead of John.Smith@vumc.org.
  • Closely inspect the sender for character substitutions in email addresses or web links that attempt to look similar to the real email or link. For example, you may see “vurnc.org”, “vumc.0rg” or “vvmc.org”.
  • For high-value transactions, don’t rely solely on email communication. Follow up with a phone call to a previously known phone number or meet in person to verify the communication.
  • Beware of irregular requests outside of normal workflow. For example, the email asks you to send payment through wire transfer or through a mobile payment service such as Cash App or Google Pay.

If you suspect you have received an email like the one described in this article, please report it to phishing@vumc.org and cease communications with the sender immediately. Do not relay your information until the request is confirmed by a known source.
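For mail administrators, the sender-domain inspection recommended above can also be automated. The following is an added example, not part of the original advisory and not VEC's tooling: it flags From headers whose domain imitates vumc.org. The substitution table, the edit-distance threshold of 1 and the function names are assumptions chosen for illustration.

```python
from email.utils import parseaddr

TRUSTED_DOMAINS = {"vumc.org"}  # the legitimate domain named in the advisory
# Constructed substitution table: look-alike sequence -> character it imitates.
CONFUSABLES = (("rn", "m"), ("0", "o"), ("1", "l"), ("5", "s"))

def skeleton(domain: str) -> str:
    """Collapse look-alike sequences, e.g. 'vurnc.org' and 'vumc.0rg' -> 'vumc.org'."""
    s = domain.lower()
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with a single rolling row."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[-1]

def classify_sender(from_header: str) -> str:
    """Return 'trusted', 'lookalike', 'unrelated' or 'unparseable' for a From header."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return "unparseable"
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    # Not an exact match: flag it if, after undoing substitutions, it is
    # identical to or one edit away from a trusted domain (assumed threshold).
    for good in TRUSTED_DOMAINS:
        if edit_distance(skeleton(domain), skeleton(good)) <= 1:
            return "lookalike"
    return "unrelated"

if __name__ == "__main__":
    # Constructed sample headers built from the addresses quoted in the advisory.
    samples = ("John Smith <john.smith@vumc.org>", "John Smith <john.smith@vurnc.org>",
               "billing@vumc.0rg", "billing@vvmc.org", "news@example.com")
    for header in samples:
        print(f"{classify_sender(header):10} {header}")
```

A domain check of this kind does not catch a misspelled name on the legitimate domain, such as Jonn.Smith@vumc.org; that case needs a comparison against a directory of known senders.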