» Trending Email Scams

Chapman student on laptop at hackatonChapman University’s Information Systems and Technology department monitors the trending scams in the Information Security World. We use intelligence feeds shared with peer institutions in Higher Ed as well as emails sent to abuse@chapman.edu.

This page is updated regularly. If you have any suggestions or questions, please email infosec@chapman.edu.

The Check Deposit Scam

Toggle Section

How Does a Check Deposit Scam Work?

The Check Deposit Scam - I transfer to your account $3000, you transfer $2000 to an offshore account.

In the check deposit scam, the scammer tries to trick you into depositing a check that is not covered in your bank account. To make it look like a legitimate business, they will offer you a job or purchase something from you. If it it's a job they will ask for personal information from you. Some scams include a survey at the end so it feels more like a job offering.

The scammer issues you a check for $3000 although they "owe you" $1000. They then ask you to transfer the remaining $2000 from your account to a third-party account that is usually offshore.

Why Does It Work?

To you, this is one transaction and it seems as if you're dealing with one person. However, to the bank, this is two different transactions. The bank is dealing with two different people - there is you who deposits the check and the receiver of your transfer.

The issuer of the check is in a different time zone so the check takes a while to clear. By the time you receive the notification that the scammer's check to you was not covered, your transfer for the $2000 was still initiated from your account. The bank sees you as liable even if you do not have sufficient funds.

Example of a Check Deposit Scam

Example of a check deposit email scam

Thanks for the response to the job posting, your Resume has boon reviewed. Unfortunately the position has already been fitted but another offer still available if you are interested. I have gone through your resume and I'm impressed, which is the Personal Assistant Position.

My name is Joel Marinez, 49 years of age and I live 18 miles from your Postal code. I'm a business entrepreneur, a human capital investor and philanthropist maintaining established business relationship with diverse companies within and across the Globe. Due to my, recent engagement and subsequent business expansion, my schedule necessitates the rote of an Assistant who will help leverage my work load in order to ensure timely delivery of services and attendance to matters of concem and as such eschew excess backlogs and unattended briefs.

The sensitivity of this position warrants the office holder to be upright, responsive, accoulltable, trustworthy, emphatic, persevering, honest and willingly ready to go an extra mile.

  • Receiving Phone Calls from my clients.
  • Making Regular Drop offs at FedEx Stores for letters meant for my clients.
    Basic wage is $400 weekly.
  • Working 3 to 5 hours Daily, and 3 Days weekly. ( you can choose your working days because it is flexible )

I tend to have a very busy schedule at the moment, please note that this position is not office based for now due to my frequent travels. It's a part-time work from Home for now. I'm currently away for some property survey in the North American Caribbean Island, Puerto Rico, Europe and Kuala-Lumpur Malaysia. I'll be back to the country in three weeks time. So, I need an assistant to handle dealings for me on the home front when away on business which is habitually quire often. I need someone who can be able to reply to Emails in a prompt manner and has good communication skills.

This is just an explanatory message, as time goes on we should be able to arrange a proper meeting upon my arrival. I do have a number of things you could help me with this week if you wilt be within reach for me. If you're Interested in the offer, this could act as a good start to our working consanguinity.


  • SEX:
  • AGE:
Best Regards

What To Do If You Received a Check Deposit Scam Email

Do not reply to the email message.

Do not provide any personal information, this information could be used for other scams such as the tax email scam.

Forward the message to abuse@chapman.edu

To learn more about what to do if you received a phishing email, please visit www.chapman.edu/phishing

Sextortion Email Scam

Toggle Section

How Do Sextortion Emails Work?

A sextortion scammer sends out messages with spoofed email addresses using passwords obtained from "Credential Dumps". A credential dump is a list of email addresses, passwords and other personal information published online without permission. Scammers exploit credential dumps by including your password in their message to grab your attention.

A sextortion scammer claims to have compromised the target's computer to gain their passwords and personal information, but most importantly has recordings of the recipient performing intimate acts using the computer's webcam.

The scammer then asks for a "fair price" in bitcoin so they do not release the screenshot or recording to the target's social media accounts and contact lists.

Example Sextortion Email

Subject: XXXXXX@chapman.edu was hacked


My nickname in darknet is barnett26.

I'll begin by saying that I hacked this mailbox (please look on 'from' in your header) more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history. Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit. You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching. Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right? If you are of the same opinion, then I think that $500 is quite a fair price to destroy the dirt I created.

Send the above amount on my bitcoin wallet: 1MN7A7QqQaAVoxV4zdjdrnEHXmjhzcQ4Bq As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device. Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours! After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.

Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere!

Good luck!

What To Do If You Received A Sextortion Email Scam

Change your password immediately by going to password.chapman.edu.

Forward the email received to abuse@chapman.edu.

The Gift Card Scam - Are You There?

Toggle Section

How Do Gift Card Scams Work?

Gift card scammers send out messages using spoofed email addresses impersonating your boss or the president of your university. The email usually has an urgent tone, asking you to buy multiple gift cards and sending them the codes on the back. Email scammers ask for gift cards because they are immediate and untraceable.

The gift card scam is also known as the 'Are You There' scam because the scammer initially sends an 'are you there' or 'are you available' message and awaits for a response before they ask you to buy gift cards.

Example Are You There? Email

From: President Incharge <inchargepresident[@]gmail.com>
Date: March 5, 2019 at 8:13:39 AM PST
To: xxxxx@chapman.edu
Subject: Urgent

Are you still available i need your help, I want you to help me out on something important ?

I am in a meeting right now and call is not allow here, are you free to help me

Daniele C. Struppa

What To Do If You Received A Gift Card Scam Email

Check with the email sender through a different mode of communication if they sent the message (In-person, Chapman Email, Desk Phone Number).

Do not reply to the email and forward the message to abuse@chapman.edu.

Phishing for Credentials

Toggle Section

How Do Phishing Emails Work?

Phishing is the most common type of email scam with nearly 1.5 million phishing websites created each month according to Webroot Threat Report.

Phishing is when cybercriminals pretend to be a trustworthy entity and send emails to further entice their victims to

  • Provide usernames or passwords
  • Open viruses infected files
  • Open attachments that input malware on the device allowing passwords to be stolen

More information on phishing can be viewed at www.chapman.edu/phishing

Example of a Phishing Email

 Phishing email example containing malicious link

What To Do If You Received A Phishing Email

  • Check www.chapman.edu/security for recent phishing emails to see if the email you received is posted
  • Even if you do not see it on the website still report it! It might be a new attack
  • Always double check the sender/url before entering any usernames and passwords. If in any doubt DO NOT enter your username or password, instead ask abuse@chapman.edu to confirm legitimacy of email

For more information on what to do if you received a phishing email view www.chapman.edu/phishing.

Seasonal Scams

Toggle Section

How Do Seasonal Scams Work?

Seasonal scams, also known as holiday scams, are malicious emails that resurface every year during annual holidays and events.

Similar to phishing emails, seasonal scams are after your username and password, personal information and money. Seasonal scammers will send out emails during tax season and holidays to give their scams more credibility.

Tax Return Scam

  • The scammer impersonates an IRS official and accuses the target of owing the IRS money which must be paid immediately through a wire transfer or prepaid debit card.
  • The recipient is often threatened with jail time in order to scare people into giving the scammer personal information, credit or debit card numbers or money.

Holiday Scams

  • Scammer takes advantage of people distracted in a holiday "daze" who will more likely give out their personal information.
  • Includes 'too good to be true' deals on airfare, hotels, or expensive items.
  • The scammer might also pose a friend or relative in need of immediate financial assistance in an emergency situation.
  • Includes shipping notifications or purchase alerts on items you never purchased from major credit payment processors.

Examples of Seasonal Scams

Example of an IRS phishing email - Verification Notification

example of fake IRS email scam

Dear Tax Payer,

This is an automa1ed email, please do not reply.

We've notice your account information is missing or incorrect.
We need to verify your account information to file your Tax Refund.
Please follow this link to verify your information.


IRS Team
2016 IRS All right reserved.

IMPORTANT NOTE: If you receive this message in spam or junk it is a result of your network provider. Please move this message to your inbox and follow the instruction above.

Example of a holiday scam - Refund Notification

example of fake amazon phishing email

Refund Notification

Due to a sytem error you were double charged for your last order, A refund process was initiated but could not be completed due to errors in your billing information


You are required to provide us a valid billing address

Click Here to Update Your Address

After your information has been validated you should get your refund within 3 business days

We hope to see you again soon.
Email ID:

How An IRS Scam Call Works - Video

Courtesy of The Majority Report w/Sam Sedar

Watch Sam Sedar speak with scammers impersonating IRS officials who claim he will be arrested if he doesn't pay the IRS back $5000.

What To Do If You Received A Seasonal Scam Email

DO NOT click on any of the links or enter any information.

Forward the email message to abuse@chapman.edu.