Can't determine if this is a fraudulent email or not...
November 3, 2013 7:48 AM Subscribe
I received an email at ~4:30 PM (EST) from a @ucia.gov email account. It was in regards to a scholarship program from the CIA to which I had applied, stating that they had liked my online application, and wanted to learn more about me. The problem is that I can't determine, given what I'm looking at, whether it's fraudulent or not.
Let me list the reasons why I don't think it can be a fraud:
(1) It's from a @ucia.gov email. There doesn't seem anything fishy about it. I hit the reply button, and in the field it still states the same email.
(2) They're asking me to send information to a different email, but one still at a @ucia.gov account. I can't imagine there's anyway to fake this right? If they had been spoofing the email, they would have wanted me to reply to the original email, or had me go to some website which would have been discernible in the address field. Of course, the "ucia.gov" address spooked me at first. Why isn't it "cia.gov?" I asked. Well, Google seemed to give me legitimate hits on "ucia.gov" email accounts.
(3) I've applied before, but this is the first time for me to hear back. I'm also using a new email address this time around. The application deadline was Oct. 31st, and I got a timely response on Nov. 1st. I can't imagine that given these circumstances this could be a fraud. (On the other hand, when I applied to the NSA for a similar sort of position, they sent me by mail a request for some more information, which I was to input on their website.)
(4) The attached document they wanted me to fill out didn't make my antivirus software alert me when I scanned it.
On the other hand, the fishy things about this:
(1) I have to turn in documents by 7AM Nov. 4th, which is a Monday. I got this email Friday evening, just as the business day was ending. Therefore, there's no time for me to contact the CIA by phone or email in between to verify this email's legitimacy.
(2) They ask for transcripts and for me to fill out a supplemental document. Well, I suppose the transcripts can be unofficial given they want me to attach them, but I wonder if my transcripts can be used in identify theft? They have my name, grades, date of graduation, major... and my student ID. But there's nothing there that can be used for the purposes of identity theft, right?
(3) The supplemental document wants me at the end to put my name, and social security number. Sure, I put in my social security on the CIA website for my application, and can understand this might be helpful for filing purposes. But to just write it out in a .doc, and send it through email?
(4) The document itself seems rather infantile. I'm a graduate student applying, and I'm being asked what one of my favorite courses at university was? On the other hand, it looks as though they're using perhaps the same "supplemental information form" across the board? They mention that if you were a High School student applying, then to talk about why you want to choose a certain major.
(5) There's also just random things here and there that set off alerts. The email signed off as:
"Regards
Student Programs"
No name. No comma. There's a grammatical mistake in the document, something like missing the "to" for what should be a word in the infinitive. The word "major", as in a college major, was located in the middle of a sentence but the 'm' was capitalized. They ask why do I want to work for "this organization." Really? Non-descript terms? That's not helping me feel more comfortable.
I mean, the email just looks incredibly scammy. But despite all that, I still can't reconcile how this could be a fraudulent email given the first three positive points I made. Am I missing something here?
Let me list the reasons why I don't think it can be a fraud:
(1) It's from a @ucia.gov email. There doesn't seem anything fishy about it. I hit the reply button, and in the field it still states the same email.
(2) They're asking me to send information to a different email, but one still at a @ucia.gov account. I can't imagine there's anyway to fake this right? If they had been spoofing the email, they would have wanted me to reply to the original email, or had me go to some website which would have been discernible in the address field. Of course, the "ucia.gov" address spooked me at first. Why isn't it "cia.gov?" I asked. Well, Google seemed to give me legitimate hits on "ucia.gov" email accounts.
(3) I've applied before, but this is the first time for me to hear back. I'm also using a new email address this time around. The application deadline was Oct. 31st, and I got a timely response on Nov. 1st. I can't imagine that given these circumstances this could be a fraud. (On the other hand, when I applied to the NSA for a similar sort of position, they sent me by mail a request for some more information, which I was to input on their website.)
(4) The attached document they wanted me to fill out didn't make my antivirus software alert me when I scanned it.
On the other hand, the fishy things about this:
(1) I have to turn in documents by 7AM Nov. 4th, which is a Monday. I got this email Friday evening, just as the business day was ending. Therefore, there's no time for me to contact the CIA by phone or email in between to verify this email's legitimacy.
(2) They ask for transcripts and for me to fill out a supplemental document. Well, I suppose the transcripts can be unofficial given they want me to attach them, but I wonder if my transcripts can be used in identify theft? They have my name, grades, date of graduation, major... and my student ID. But there's nothing there that can be used for the purposes of identity theft, right?
(3) The supplemental document wants me at the end to put my name, and social security number. Sure, I put in my social security on the CIA website for my application, and can understand this might be helpful for filing purposes. But to just write it out in a .doc, and send it through email?
(4) The document itself seems rather infantile. I'm a graduate student applying, and I'm being asked what one of my favorite courses at university was? On the other hand, it looks as though they're using perhaps the same "supplemental information form" across the board? They mention that if you were a High School student applying, then to talk about why you want to choose a certain major.
(5) There's also just random things here and there that set off alerts. The email signed off as:
"Regards
Student Programs"
No name. No comma. There's a grammatical mistake in the document, something like missing the "to" for what should be a word in the infinitive. The word "major", as in a college major, was located in the middle of a sentence but the 'm' was capitalized. They ask why do I want to work for "this organization." Really? Non-descript terms? That's not helping me feel more comfortable.
I mean, the email just looks incredibly scammy. But despite all that, I still can't reconcile how this could be a fraudulent email given the first three positive points I made. Am I missing something here?
Maybe they're testing your ability to analyze source material. Or go beyond assumed limits. Me, I'd contact them, not by an email response, but by some other independently verified channel. And I'd mention that you received this email, that it looked suspicious, and if they'd like you can send them your analysis.
posted by benito.strauss at 7:53 AM on November 3, 2013 [2 favorites]
posted by benito.strauss at 7:53 AM on November 3, 2013 [2 favorites]
Ucia. Gov is a real cia domain for communicating with the outside world.
posted by k8t at 7:55 AM on November 3, 2013 [2 favorites]
posted by k8t at 7:55 AM on November 3, 2013 [2 favorites]
It smells fishy to me. I'd contact them on Monday to verify.
posted by donajo at 8:04 AM on November 3, 2013
posted by donajo at 8:04 AM on November 3, 2013
I doubt very highly that they would be playing spycraft mindgames in this kind of communication. If they ARE doing that and it is making you crazy, maybe you aren't a good fit for that organization? But again, the vast majority of what they do is just plain old federal employment where they aren't going to play games. The shadowy, secretive stuff is mostly a Hollywood creation. The clandestine service side isn't just going to pick out some college student and toy with them.
If the headers of the email match what you expect, I doubt it's fraudulent. Just written by some intern in the HR department.
On the other hand, I completely agree with your list of concerns. You can't be expected to get your school to produce a transcript over a weekend, and they can't expect everyone to be cool with sending their social security number in an unencrypted email.
Call the program office Monday. Better safe than sorry. If they are going to penalize you for not meeting these somewhat ridiculous requirements, it's probably not going to be a good program.
posted by gjc at 8:20 AM on November 3, 2013 [6 favorites]
If the headers of the email match what you expect, I doubt it's fraudulent. Just written by some intern in the HR department.
On the other hand, I completely agree with your list of concerns. You can't be expected to get your school to produce a transcript over a weekend, and they can't expect everyone to be cool with sending their social security number in an unencrypted email.
Call the program office Monday. Better safe than sorry. If they are going to penalize you for not meeting these somewhat ridiculous requirements, it's probably not going to be a good program.
posted by gjc at 8:20 AM on November 3, 2013 [6 favorites]
I doubt there's a problem, but you may be able to reassure yourself of the mail's origin. Your mail reader will have an option somewhere to 'show full message,' 'show original message,' or 'show full headers.' The original message headers will include a bunch of 'Received: ' headers showing the IP addresses of the mail servers the message went through.
If you google 'DNS tools,' you'll find many services that will do reverse lookups of IP addresses to tell you something about those IP addresses--often not a lot, but maybe enough.
Note that 'Received: ' headers can be forged. If any of the IP addresses belong to someone other than your email provider or the US government, then there could be a problem (at that point, it's not conclusive without knowing how those folks exchange email and without seeing logs on their servers). And it's conceivable that the mail originates from a IP address within one of those sources that has been compromised.
However, if the IP address chain happens to look totally legit and they're only asking you to send email to a domain that's known to be related to the folks they're claiming to be, then it's probably legit, barring some really, really exotic scenarios. You can re-type the address you're sending to, though, to be sure there've been no tricks in the domain name, domain name character set, etc.
posted by Monsieur Caution at 8:23 AM on November 3, 2013 [2 favorites]
If you google 'DNS tools,' you'll find many services that will do reverse lookups of IP addresses to tell you something about those IP addresses--often not a lot, but maybe enough.
Note that 'Received: ' headers can be forged. If any of the IP addresses belong to someone other than your email provider or the US government, then there could be a problem (at that point, it's not conclusive without knowing how those folks exchange email and without seeing logs on their servers). And it's conceivable that the mail originates from a IP address within one of those sources that has been compromised.
However, if the IP address chain happens to look totally legit and they're only asking you to send email to a domain that's known to be related to the folks they're claiming to be, then it's probably legit, barring some really, really exotic scenarios. You can re-type the address you're sending to, though, to be sure there've been no tricks in the domain name, domain name character set, etc.
posted by Monsieur Caution at 8:23 AM on November 3, 2013 [2 favorites]
i suspect that the email did indeed come from the CIA, and that they are testing you regarding the way you handle information, and requests for it, in order to determine if you are CIA material. what would george smiley do? do you suppose he would spill his intimate guts to any old spook who sent him an email? there may be no one perfectly correct answer, but your response to this will likely determine whether you will be invited to join the firm.
posted by bruce at 8:40 AM on November 3, 2013 [1 favorite]
posted by bruce at 8:40 AM on November 3, 2013 [1 favorite]
I find the notion that this is a test pretty hard to believe. They'd easily get in trouble for letting unsecured SSNs move around.
From the Social Security Administration:
posted by secretseasons at 9:03 AM on November 3, 2013 [2 favorites]
From the Social Security Administration:
When a federal, state, or local government agency asks an individual to disclose his or her Social Security number, the Privacy Act requires the agency to inform the person of the following: the statutory or other authority for requesting the information; whether disclosure is mandatory or voluntary; what uses will be made of the information; and the consequences, if any, of failure to provide the information.Is there any boilerplate tiny-print in the documents you were sent that seems to cover this requirement?
posted by secretseasons at 9:03 AM on November 3, 2013 [2 favorites]
It's probably legit. Send unofficial copies if your transcripts using the school's registrar's page, and keep it moving.
posted by spunweb at 9:03 AM on November 3, 2013 [2 favorites]
posted by spunweb at 9:03 AM on November 3, 2013 [2 favorites]
Also I sincerely doubt "I question the veracity of this email because typos" will go over well.
posted by spunweb at 9:08 AM on November 3, 2013 [4 favorites]
posted by spunweb at 9:08 AM on November 3, 2013 [4 favorites]
I once applied for the CIA clandestine service (and decided mid-way I didn't want to join, also I think I'm probably ineligible anyway for other reasons) and the application process was pretty old school. I got e-mailed back by a recruiter for a phone interview, and after I passed that I had to do a little online IQ test, and then they sent me a document package by regular post to fill out. They asked for me to mail back my transcripts and the supplemental form sounded pretty similar to what you describe (what were your favorite courses, where have you traveled, etc). But this was several years ago so by now it's totally possible they handle all the document sending electronically. Everything was very straightforward; unless there was some crazy meta shit going on I never once suspected I was being "tested" beyond the very ordinary questions they asked me in the phone screening, IQ test, and supplemental forms.
If you're just applying for a scholarship honestly it's not like they're going to play secret agent mind games with you, this isn't some Jason Bourne shit. There are tons of people who apply for actual jobs with them; they don't have the time or resources to do secret agent tests with every single college kid who applies for a scholarship. At the end of the day you have to remember they're just another US government organization and the way they do things can be kind of slow and bureaucratic like any other US government agency.
If you want the scholarship I'd go ahead and just reply back with what they want in the time frame they asked for.
posted by pravit at 9:10 AM on November 3, 2013 [6 favorites]
If you're just applying for a scholarship honestly it's not like they're going to play secret agent mind games with you, this isn't some Jason Bourne shit. There are tons of people who apply for actual jobs with them; they don't have the time or resources to do secret agent tests with every single college kid who applies for a scholarship. At the end of the day you have to remember they're just another US government organization and the way they do things can be kind of slow and bureaucratic like any other US government agency.
If you want the scholarship I'd go ahead and just reply back with what they want in the time frame they asked for.
posted by pravit at 9:10 AM on November 3, 2013 [6 favorites]
Oh and it would not surprise me at all to find minor typos in the stuff they sent me. I once applied to the NSA (also many years ago) and corresponded with an NSA HR person. It was probably the most unprofessional e-mail exchange I have ever had with somebody representing their employer. So yeah - don't expect too much out of US government agencies.
posted by pravit at 9:11 AM on November 3, 2013 [1 favorite]
posted by pravit at 9:11 AM on November 3, 2013 [1 favorite]
The people who would be sending paperwork for this kind of thing are pretty likely to be entry level employees themselves.
posted by empath at 9:18 AM on November 3, 2013 [5 favorites]
posted by empath at 9:18 AM on November 3, 2013 [5 favorites]
The bizarrely short, outside-of-normal-working-hours turnaround requirement, with no mention in the email about "we realize this is a very short deadline" it what makes it seem strange to me. I mean, to notify you half an hour before close of business on Friday that you need to turn something in before start of business on Monday is something that wouldn't happen where I worked. Even same-day requirements are explicitly flagged ("BigBoss needs this by 4 pm, so get busy").
posted by Lexica at 9:46 AM on November 3, 2013
posted by Lexica at 9:46 AM on November 3, 2013
Answer the questions and send an unofficial transcript, but withhold your SSN for now. In the body of the email just write something like "I have questions about how the SSN is used. I plan to call Monday morning to clarify but am sending the rest of the application materials now." They're unlikely to ding you if you send everything else in on time and being worried about giving out your SSN is common enough these days that it won't seem weird. I wouldn't say anything about thinking that it's a scam.
posted by matildatakesovertheworld at 10:14 AM on November 3, 2013 [3 favorites]
posted by matildatakesovertheworld at 10:14 AM on November 3, 2013 [3 favorites]
I don't know if the email is fraudulent or not, but the typos aren't strange, and neither are the dumb "across the board" questions. This is a government agency; they have to send the same forms to everyone, and the people typing up these kinds of letters don't really have any reason to be super careful about typos.
If the request for your social security number is what's creeping you out, I would just put xxx-xx-xxxx or your scholarship application ID there instead, with an asterisk and a note that you don't send your SS via unencrypted email, but it's already included with the rest of your application.
If you don't want to send the other stuff even without the SS number, then I would shoot an email to the office (and call) asking if you can send everything as hard copy (postmarked Monday).
For what it's worth, I don't think this email is a mind game. The supplementary essays and transcripts are the "test" right now; they're at least going to wait until you pass that level of scrutiny before they start with the secret meta-testing.
posted by rue72 at 11:48 AM on November 3, 2013
If the request for your social security number is what's creeping you out, I would just put xxx-xx-xxxx or your scholarship application ID there instead, with an asterisk and a note that you don't send your SS via unencrypted email, but it's already included with the rest of your application.
If you don't want to send the other stuff even without the SS number, then I would shoot an email to the office (and call) asking if you can send everything as hard copy (postmarked Monday).
For what it's worth, I don't think this email is a mind game. The supplementary essays and transcripts are the "test" right now; they're at least going to wait until you pass that level of scrutiny before they start with the secret meta-testing.
posted by rue72 at 11:48 AM on November 3, 2013
Never ascribe to malice that which can be explained through incompetence.
I mean, really. Do you think there is an active e-mail scamming business built around asking people to complete their applications for CIA jobs? Really? And they happen to have an @ucia.gov e-mail address for receiving the scam replies?
I've gotten lots of fake Paypal e-mails, and lots of fake Fedex e-mails, and lots of fake e-fax e-mails. I've never gotten a fake e-mail purporting to be from the CIA asking me to provide additional application materials. I don't know anyone else who has ever gotten one of those, either.
Sure, be careful about what you provide in clear text via e-mail. Sure, follow up by phone on Monday. But don't spend time worrying about whether or not this is a scam.
posted by alms at 11:53 AM on November 3, 2013 [6 favorites]
I mean, really. Do you think there is an active e-mail scamming business built around asking people to complete their applications for CIA jobs? Really? And they happen to have an @ucia.gov e-mail address for receiving the scam replies?
I've gotten lots of fake Paypal e-mails, and lots of fake Fedex e-mails, and lots of fake e-fax e-mails. I've never gotten a fake e-mail purporting to be from the CIA asking me to provide additional application materials. I don't know anyone else who has ever gotten one of those, either.
Sure, be careful about what you provide in clear text via e-mail. Sure, follow up by phone on Monday. But don't spend time worrying about whether or not this is a scam.
posted by alms at 11:53 AM on November 3, 2013 [6 favorites]
For comparison:
A few years I was going through my e-mail on my iPhone while walking down the sidewalk, deleting items based on the subject lines. I saw an e-mail with an unpronounceable asian-looking return address with a subject line in all caps IMPORTANT BUSINESS OPPORTUNITY. Spam, right? So I deleted it.
But half a second later I had second thoughts. I navigated to the trash folder, found the e-mail, and moved it back to my in-box. When I looked at the contents, it turned out to be from someone in the marketing department of the Apple App Store, asking if my iOS app company wanted to participate in an App Store promotion. Needless to say I was thrilled, I replied, and it was a good thing.
The moral: even very large competent organizations send out e-mail that looks like spam.
posted by alms at 12:00 PM on November 3, 2013 [2 favorites]
A few years I was going through my e-mail on my iPhone while walking down the sidewalk, deleting items based on the subject lines. I saw an e-mail with an unpronounceable asian-looking return address with a subject line in all caps IMPORTANT BUSINESS OPPORTUNITY. Spam, right? So I deleted it.
But half a second later I had second thoughts. I navigated to the trash folder, found the e-mail, and moved it back to my in-box. When I looked at the contents, it turned out to be from someone in the marketing department of the Apple App Store, asking if my iOS app company wanted to participate in an App Store promotion. Needless to say I was thrilled, I replied, and it was a good thing.
The moral: even very large competent organizations send out e-mail that looks like spam.
posted by alms at 12:00 PM on November 3, 2013 [2 favorites]
This would be the longest, most complicated con ever for a student who likely has no money and very little worth stealing, identity or otherwise. Additionally, despite what movies would have you believe, my experience with secretive government departments has been more emphasis on "government departments" than "secretive", i.e. there are just like other govt depts in terms of professionialism, old-schoolism, bureaucracy than anything.
Reply to the email - do not be like "this could be a fake you trickers!". I would put my SSN on it, but by all means send it in without then call to clarify.
The likelihood of this being a scam is seriously so remote.
posted by smoke at 2:50 PM on November 3, 2013
Reply to the email - do not be like "this could be a fake you trickers!". I would put my SSN on it, but by all means send it in without then call to clarify.
The likelihood of this being a scam is seriously so remote.
posted by smoke at 2:50 PM on November 3, 2013
It seems improbable that you would be applying to the CIA and also receiving random scam emails about the CIA. Phishing emails are rarely so prescient -- the difference between "I bet you use Paypal" and "I bet you just applied to the CIA" is huge.
posted by feets at 12:03 AM on November 4, 2013 [1 favorite]
posted by feets at 12:03 AM on November 4, 2013 [1 favorite]
This thread is closed to new comments.
posted by katrielalex at 7:53 AM on November 3, 2013 [6 favorites]