Tim Samuel nearly fell for an email scam that has cost victims billions of dollars.
Samuel, chief financial officer for Bridgeway Community Church in Columbia, Maryland, received a message that appeared to come from the church's information technology director.
"I was blown away because … I almost got tricked," Samuel said. Not only did it look like it was from a fellow staff member, but the email had an "invoice" for a security training awareness program, and the church had been installing a new security system.
But when the CFO hit reply, Samuel noticed that the email address didn't match the one normally used by the sender (see "Actual Fraudulent Email" illustration). Something wasn't right.
The extent of the problem
The scheme that targeted Samuel's church is an example of what the Federal Bureau of Investigation calls a business email ...