Scam emails impersonating Church’s bulletin email

This is a page for my church to help them recognise scam emails.

I will update this with new information from feedback and new information

What has happened?

Scammers have obtained the distribution list of the church’s email bulletin.  This could be from scammers obtaining a previous email where the recipients were added to the TO list instead of the BCC list.

They are using this list to send scam and phishing emails impersonating the Church’s email address.

This is a targeted scam because:

  • The recipients are older and less tech savvy so they are easier targets
  • There is a trust from emails appearing to come from the church

Please note that the Church’s email account is not compromised and is safe; it is scammers impersonating the email address.

The Church’s email address is protected by a strong password and two factor authentication

How to recognise a Scam email

Computer security software such as Anti-virus, firewalls and spam filters always help – but the biggest protection and risk to your online security is YOU.

Here are some points to help you recognise a scam email.

The sender's address

The email will come through with a title that looks like the Church’s email title like “Bethlehem Church” – but if you expand up the details of the sender – the sender is not from the @lca.org.au address.

Timing of the email sent

Usually I send out the bulletin on either Thursday or Friday during business hours.

If you receive an email at an unusual time (like 5am in the morning) – this is out of characteristics and this email should be considered suspicious.

Email content

The Church bulletin’s email follows a consistent form and is personalised and specific to the congregation and Christian faith.

Any links or attachments in the bulletin will be explained what they are instead of a vague reference that usually used by scam:

For example:

Today delegates at the General Synod of the Lutheran Church of Australia and New Zealand (LCANZ), meeting in Melbourne, directed the church’s General Church Board and the College of Bishops to explore the theological, constitutional and governance issues involved in establishing ‘one church with two different practices of ordination’. 

Read more from Convention of General Synod

 

Is more focused to the church than a vague content like:

just forwarding a few pics (#5 and #9 in particular) http://www.scam_website.com

What do I do when I receive a Scam email?

Most email clients provide a “Mark as spam” function.  If you mark the email as spam; this will help the email servers identify and block future scam emails for you and other recipients.

If this feature is not available in your email client; just delete the email.

I'm still not sure...

If in doubt – don’t open the email.  Treat it as suspicious.

You can forward the email to the bulletin’s email address and I can help you out.

Or alternative see me after church.