Cyber crime has been infiltrating our lives and our homes for years. It is now knocking at the door of Orthodox parishes.
Parishes and religious communities are being targeted by a phishing scam where the attacker poses falsely as the priest and asks the recipient for money. It often begins like this. An email arrives in an unsuspecting person’s inbox from an email address that is similar to but different than the priest’s email address, something like email@example.com (notice the typo!) or firstname.lastname@example.org. The email might read something like:
Have you got a minute? I need you to complete a task for me discreetly.
P.S: I’m going into a meeting now and can’t talk, so just reply.
The parishioner then might respond saying that he’s willing to help. If your priest asked you to help him with something, of course you would say yes, right? The attacker is leveraging the trust that exists in parish communities between the priest and the parishioner. He then replies
Okay good. I need you to get me some gift cards, I have a few people I want to send gifts to. Let me know if it’s possible for you to do get them right now so I can tell you which product we would need and the amount, you will be reimbursed.
Does it sound suspicious? Yes! Is it possible this is legitimate? Absolutely not! I can guarantee that your priest will never ask you to do something like this. If you receive something out of the ordinary, be sure to ask! Call your priest to find out more. Or contact us immediately!
So, the scam continues like this:
What I need is an iTunes gift card of $400 face value (200 x 2). You’ll get the physical cards at the store, scratch the back out and send me the pictures of the back of the cards revealing the pin here, you can keep the physical cards for me.
Once the parishioner sends the photos of the cards to the attacker, the money has now been transferred to their control. Some Orthodox parishioners across the country have already been tricked into giving away hundreds of dollars!
What Can We Do About this?
The most important thing that can be done is education. Educate yourself and your parishioners about emails and phone scams like this.
A clergyman will never reach out to his parishioners via email to request financial assistance, or in this case, gift cards. If email requests ever seems questionable, first and foremost, do not reply to the message, click on any links, or download any attachments. Try to verify the email by contacting the person or business directly via phone. Do not use contact information provided in an email or a website connected to the request; instead, check your personal records or contact lists, or for a business, a previous statement or bill, for contact information.
Check out the links below for more information.
How to Report a Cyber Crime
If you or your parishioners have become victims of a cyber crime, be sure to report it immediately to us and the following Federal agencies:
Federal Trade Commission
Additional Articles to Learn More
What is a Phishing Attack and Tips for Protecting Yourself
New phishing scam uses church pastors’ names as bait
Scammers pose as pastors in email, ask faithful to buy gift cards