
Within the past few days there have been multiple attempts by thieves to steal the UUFC’s membership directory and/or the credentials necessary to access our Breeze site. These types of attacks are not new, and are not unique to our Fellowship. But the frequency of these attacks is increasing, and it’s always worth reviewing active security risks. Membership information for religious institutions is extremely valuable for thieves, as it contains many forms of contact information that can be used in further scams. Below is more information about these types of attacks so you know what to be looking out for.
The attempts took the form of email messages requesting assistance accessing our membership directory and claiming that the sender could not currently log into Breeze. Some emails also asked for credentials with which to login to Breeze. These messages were sent from email addresses configured to impersonate people at the Fellowship by displaying the name of a Fellowship leader or Staff member in the ‘From:’ field. The actual email addresses used to send the messages do not belong to anyone at the Fellowship, and the person whose name was used can do nothing to prevent this.
If you receive a request like this, do not reply to it or send any information. Instead, please forward it to comms@uucorvallis.org and then delete the original email message.
Thank you for working to keep the Fellowship safe.