IT security notification: Executive impersonation

October 8, 2020

The IT Security team is advising the McMaster community to be aware of increased instances of executive impersonation attacks.

Executive impersonation fraud occurs when criminals pretend to be a person of authority at the university and send an email message requesting iTunes gift cards or something similar that can be given as a reward or prize.

The request is usually for something that is redeemable online with a monetary value of ~$100 – $1000.

Please note: Your dean will never send you an email asking you to buy iTunes gift cards.

Fraudsters are taking advantage of the distributed nature of our community during COVID-19 and the challenges that come with remotely verifying and validating messages. Unfortunately, it is very difficult to identify the sender, let alone hold them accountable.

Although there have been increased reports of executive impersonation fraud at McMaster, please note that our accounts or systems have not been compromised.

What you need to do: Identify – Report – Delete

If we all do our part, executive impersonation fraud will simply be a mild irritant.  Please help keep our online environment safe by identifying when a message is fraudulent.

Here are a few things to look for:

  • The “reply-to” address is not from the @mcmaster.ca domain. Hover over the sender’s name in the message to see the “reply-to” address.  If it is not @mcmaster.ca, it is not a legitimate message.
  • The signature isn’t quite right. Does the message look just like other messages from this sender?
  • Language, vocabulary and grammar may all be a little off.
  • Nobody in the organization will send you an email asking you to buy iTunes gift cards, or anything similar. If rewards or prizes of small monetary value are required for any reason, the decision and authorization for their purchase should be done in person.

If you do receive one of these messages, please report it to is-spam@mcmaster.ca, then delete it.