Warning of scam email / social engineering / “CEO fraud” [04.01.2022, CISO] Broad-based campaign against TU employees - goal: money in the form of vouchers

Since shortly before Christmas 2021, we have noticed a wave of scam emails to employees of the TU Braunschweig.

The emails supposedly come from the direct superior and (only) request immediate feedback (“Hallo, bist du verfügbar? bitte ich brauche dringend eure hilfe“).

The real email signature of the supervisor(s) is used. The mails always come from GoogleMail. The sender is always “real name of supervisor(s)” <initial.surname.tu@gmail.com>.

As soon as someone replies to this mail, the scammers try to persuade the victim to buy voucher codes in a shop and transmit the codes to the scammers. We were informed by the Braunschweig police that this has already been successful at other scientific institutions and that several thousand euros per case are involved.

Technically, the mails do not pose any danger: they do not contain any links or attachments. As they only contain one sentence each, automatic recognition and filtering is almost impossible.

Please do not reply to these mails under any circumstances!

Here is an example: