Email Phishing Reported to UUC

On Tuesday, July 19, reports were received by the church that phishing emails were received by members of the church purporting to be from church staff. These emails are from non-uuchurch.org domains and do not represent the church or any staff member or group at the church. Do not reply to these emails and do not do anything they request.

Please report these emails to your email provider (Comcast, Google, Microsoft, Apple, etc.). You may also choose to forward the email (preferably as an attachment) to reportphishing@apwg.org. For more information about the Anti-Phishing Working Group, please see APWG | About the APWG.

We’d like to assure members that church ministers and staff have not and never will send out “urgent” solicitations for money or support in one-on-one email messages. The church is never short of resources for meeting emerging or urgent needs. That is why the church holds three months of operating reserves in cash at our banks. Our program leaders may occasionally make requests for goods and volunteer services to be delivered to the church, say for Teen Feed or other homelessness efforts. But solicitations for online purchases or direct transfers of cash equivalents (such as gift cards) that appear to be from a minister church staff member are always scams.

We’re making efforts within the staff team to prevent future harvesting of contact lists and other email data. These efforts include limiting church communications to church email addresses whenever possible, and using protected church equipment rather than personal devices such as phones and home computers that may not be as thoroughly protected.

Regardless of those efforts, there have been hacks of personal devices in the past that have made contact lists that include member email addresses available to phishing scammers on the internet. Here’s a quick explanation of how to tell real emails from the church apart from phishing scams:

A legitimate email from a member of staff or a minister will have a FROM email address will be in this form:

  • [first name].[last name]@uuchurch.org

(The exceptions to this rule are the music staff who sometimes use their personal email addresses.)

Emails from small groups may have an email address in this form:

  • [group name]@uuchurch.org

When you receive an email from the church in general (sent via Constant Contact or UUC Connect), you will often see office@uuchurch.org or gateway@uuchurch.org as the sender (the FROM address). These are valid email addresses from the church and represent mail that was intended to be received by you. Replies sent to these addresses are received at the church office.

Emails from UUC Connect come from a different domain, and have this form:

  • [group name]@onrealmmail.org

Emails from group leaders sent through UUC Connect, and notifications from our database will all come from this one domain. Replies to this email address get routed through UUC Connect only if the sender has allowed for replies. Only staff and members of the church have permission to send email to you from this domain.

Any other form of individual or small group address that does not match one of the forms shown above—typically from a consumer domain such as @gmail.com—is from a spam or phishing sender pretending to be a staff member and should be ignored and reported. 

If you have any questions about a message that you’ve received and would like clarification or explanation as to its source or purpose, please call the office at 206-525-8400 so someone can help you before you click “Reply.”

3 Responses

  1. Emmy Easton says:

    Good to know. I received one of these and the language didn’t match Jon’s so I put it aside for the moment.
    Will report and toss. =-) EE

  2. Is it the case that emails from all staff will come from @uuchurch.org, including the IGC Director, and all of the music staff?

    • UUC Staff says:

      You are right, Nick, that members of our music staff often use their personal email. I have added a parenthetical to point out these exceptions to the rule.

Post a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.