{"id":1550,"date":"2026-03-27T10:34:52","date_gmt":"2026-03-27T14:34:52","guid":{"rendered":"https:\/\/www.montclair.edu\/phish-files\/?p=1550"},"modified":"2026-03-27T11:19:01","modified_gmt":"2026-03-27T15:19:01","slug":"president-koppell-gift-card-smishing-scam","status":"publish","type":"post","link":"https:\/\/www.montclair.edu\/phish-files\/2026\/03\/27\/president-koppell-gift-card-smishing-scam\/","title":{"rendered":"President Koppell Gift Card Smishing Scam"},"content":{"rendered":"<p data-start=\"150\" data-end=\"336\">A recent <strong data-start=\"159\" data-end=\"186\">smishing (SMS phishing)<\/strong> attempt targeted a member of our university community by impersonating President Koppell and requesting assistance with purchasing gift cards.<\/p>\n<h2 data-section-id=\"13xrpvf\" data-start=\"338\" data-end=\"358\">What Happened<\/h2>\n<p data-start=\"359\" data-end=\"433\">The recipient\u2014a faculty member\u2014received a text message that read:<\/p>\n<blockquote data-start=\"435\" data-end=\"561\">\n<p data-start=\"437\" data-end=\"561\">\u201cAre you by any chance available for a quick task? I&#8217;m planning a small surprise for some of our outstanding staff members\u2026\u201d<\/p>\n<\/blockquote>\n<p data-start=\"563\" data-end=\"843\">While the message may seem harmless at first, it is the opening step in a common scam. In this case, the recipient quickly recognized something was off\u2014specifically noting how unusual it would be for President Koppell to have their personal phone number\u2014and did not engage.<\/p>\n<h2 data-section-id=\"xt7jzz\" data-start=\"850\" data-end=\"874\">How It Looks Legitimate<\/h2>\n<p data-start=\"876\" data-end=\"940\">Attackers design these messages to feel natural and trustworthy:<\/p>\n<ul data-start=\"942\" data-end=\"1417\">\n<li data-section-id=\"1eil8my\" data-start=\"942\" data-end=\"1039\"><strong data-start=\"944\" data-end=\"977\">Friendly, low-pressure opener<\/strong>: The message starts casually, avoiding immediate suspicion.<\/li>\n<li data-section-id=\"xdk8ye\" data-start=\"1040\" data-end=\"1152\"><strong data-start=\"1042\" data-end=\"1062\">Positive context<\/strong>: Framing the request as a \u201csurprise\u201d for staff makes it feel thoughtful and legitimate.<\/li>\n<li data-section-id=\"1phsnk4\" data-start=\"1153\" data-end=\"1271\"><strong data-start=\"1155\" data-end=\"1182\">Authority impersonation<\/strong>: Claiming to be President Koppell adds credibility and discourages questioning.<\/li>\n<li data-section-id=\"1o7ob6\" data-start=\"1272\" data-end=\"1417\"><strong data-start=\"1274\" data-end=\"1296\">Gradual escalation<\/strong>: The initial message is vague on purpose\u2014once the user responds, the attacker typically pivots to requesting gift cards.<\/li>\n<\/ul>\n<h2 data-section-id=\"1xsub7p\" data-start=\"1424\" data-end=\"1454\">How to Spot It\u2019s a Phish<\/h2>\n<p data-start=\"1456\" data-end=\"1513\">Despite its friendly tone, there are clear warning signs:<\/p>\n<ul data-start=\"1515\" data-end=\"2139\">\n<li data-section-id=\"1893ecv\" data-start=\"1515\" data-end=\"1672\"><strong data-start=\"1517\" data-end=\"1540\">Unexpected outreach<\/strong>: It is highly unlikely that university leadership would contact a faculty member directly via text for a task like this.<\/li>\n<li data-section-id=\"jwbyhy\" data-start=\"1673\" data-end=\"1789\"><strong data-start=\"1675\" data-end=\"1704\">Unrecognized phone number<\/strong>: Messages come from external or unknown numbers, not official 麻豆传媒在线 channels.<\/li>\n<li data-section-id=\"1uxv993\" data-start=\"1790\" data-end=\"1908\"><strong data-start=\"1792\" data-end=\"1809\">Vague request<\/strong>: The message avoids specifics upfront\u2014a common tactic to draw the recipient into a conversation.<\/li>\n<li data-section-id=\"4m6q0p\" data-start=\"1909\" data-end=\"2033\"><strong data-start=\"1911\" data-end=\"1942\">Gift card angle (follow-up)<\/strong>: These scams almost always lead to a request to purchase gift cards and share the codes.<\/li>\n<li data-section-id=\"od0mq6\" data-start=\"2034\" data-end=\"2139\"><strong data-start=\"2036\" data-end=\"2066\">Bypassing normal processes<\/strong>: No official procurement, approvals, or communication channels are used.<\/li>\n<\/ul>\n<h2 data-section-id=\"xldxry\" data-start=\"2146\" data-end=\"2181\">What To Do If You Fall for It<\/h2>\n<p data-start=\"1606\" data-end=\"1652\">If you have already engaged with this message:<\/p>\n<ul data-start=\"1654\" data-end=\"2102\">\n<li data-section-id=\"8qgyyc\" data-start=\"1654\" data-end=\"1692\"><strong data-start=\"1656\" data-end=\"1690\">Stop communication immediately<\/strong><\/li>\n<li data-section-id=\"1as8jkr\" data-start=\"1693\" data-end=\"1741\"><strong data-start=\"1695\" data-end=\"1739\">Do not purchase or share gift card codes:\u00a0<\/strong>If you haven\u2019t yet, stop. If you have, do not send the codes.<\/li>\n<li><strong data-start=\"2407\" data-end=\"2431\">Report it right away<\/strong>: You can forward smishing text message screenshots directly to <a href=\"mailto:phishfiles@montclair.edu\"><strong>phishfiles@montclair.edu<\/strong><\/a>.<\/li>\n<li data-section-id=\"1a8sle1\" data-start=\"1840\" data-end=\"1940\"><strong data-start=\"1842\" data-end=\"1866\">Contact the retailer<\/strong> if gift cards were purchased\u2014quick action may help protect unused funds<\/li>\n<li data-section-id=\"1a8sle1\" data-start=\"1840\" data-end=\"1940\"><strong>Block the sender<\/strong><\/li>\n<li data-section-id=\"1jghmcp\" data-start=\"1941\" data-end=\"1996\"><strong data-start=\"1943\" data-end=\"1976\">Save screenshots and receipts<\/strong> for investigation<\/li>\n<li data-section-id=\"1kam0gu\" data-start=\"1997\" data-end=\"2102\">If you have experienced <strong data-start=\"2023\" data-end=\"2060\">financial loss or feel threatened<\/strong>, you may also contact <a href=\"https:\/\/www.montclair.edu\/university-police\/contact-us\/\">University Police<\/a><\/li>\n<\/ul>\n<h2 data-section-id=\"1m88jmm\" data-start=\"2869\" data-end=\"2883\">Remember<\/h2>\n<p data-start=\"2885\" data-end=\"2965\">Even when a message sounds friendly or well-intentioned, always pause and think:<\/p>\n<ul data-start=\"2967\" data-end=\"3074\">\n<li data-section-id=\"3pnmu\" data-start=\"2967\" data-end=\"3018\">Would this person normally contact me this way?<\/li>\n<li data-section-id=\"8dq4cm\" data-start=\"3019\" data-end=\"3074\">Does this request follow normal 麻豆传媒在线 processes?<\/li>\n<\/ul>\n<p data-start=\"3076\" data-end=\"3227\">In this case, trusting that instinct\u2014questioning why the President would have direct access to a personal phone number\u2014helped prevent a potential scam.<\/p>\n<h2>Additional Notes:<\/h2>\n<ul>\n<li>Information Technology will never text you. We will also never request your password or Duo codes,\u00a0<strong>ever<\/strong>.<\/li>\n<li>Information Technology will\u00a0<strong data-start=\"1865\" data-end=\"1872\">not<\/strong>\u00a0ask you to verify accounts or submit passwords through unofficial forms or unexpected email links.<\/li>\n<li>Do you think you\u2019ve fallen for a scam? Did you share personal information? Downloaded malicious content? Please contact the IT Service Desk at\u00a0<a href=\"tel:973-655-7971\" class=\"\"><span class=\"a11y-phone-number initialized\" aria-label=\"9 7 3 6 5 5 79 71 \">973-655-7971<\/span><\/a>\u00a0option 1 or email\u00a0<a href=\"mailto:itservicedesk@montclair.edu\">itservicedesk@montclair.edu<\/a>.<\/li>\n<li>Use the\u00a0<a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/pab\/\">Knowbe4 Phish Alert Button (PAB)<\/a>\u00a0to report malicious emails directly to the Information Security team for review. If you are not using the Gmail client please forward the email to\u00a0<a href=\"mailto:phishfiles@montclair.edu\">phishfiles@montclair.edu<\/a>.<\/li>\n<li>Always use the \u201chover over\u201d technique to check web links before clicking! For more security tips please visit our\u00a0<a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/security-tips\/\">Security Tips<\/a>\u00a0page.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>A recent smishing (SMS phishing) attempt targeted a member of our university community by impersonating President Koppell and requesting assistance with purchasing gift cards. What Happened The recipient\u2014a faculty member\u2014received a text message that read: \u201cAre you by any chance available for a quick task? I&#8217;m planning a small surprise for some of our outstanding [&hellip;]<\/p>\n","protected":false},"author":349,"featured_media":1556,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[7],"tags":[],"class_list":["post-1550","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-smishing"],"_links":{"self":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1550","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/users\/349"}],"replies":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/comments?post=1550"}],"version-history":[{"count":5,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1550\/revisions"}],"predecessor-version":[{"id":1560,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1550\/revisions\/1560"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media\/1556"}],"wp:attachment":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media?parent=1550"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/categories?post=1550"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/tags?post=1550"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}