Case Study — Multi-University, Ongoing

"Can you grab
gift cards?"

The single most common scam targeting university staff. Scammers impersonate deans, provosts, and department chairs to trick staff into buying gift cards for a faculty event that does not exist. $1K-$5K per incident, relentless since 2023.

Documented at Michigan, UC Berkeley, UCLA, Stanford, NC State, Chapman, and 50+ more. Low dollar per incident, but it never stops. The suss. API catches it at the subject line.

All case studies
What happened
  1. 01
    Dean impersonation email
    Scammers impersonate deans, provosts, and department chairs via email. They request staff purchase gift cards for faculty appreciation, student prizes, or a confidential event. The emails use the real executive's name and title.
  2. 02
    $1K-$5K per incident, ongoing since 2023
    Each incident typically costs $1,000 to $5,000. Staff buy Apple, Amazon, or Google Play gift cards, scratch the codes, and send photos to the scammer. Once redeemed, the funds are unrecoverable.
  3. 03
    50+ universities documented, still active
    This is the single most common scam targeting university staff. Michigan, UC Berkeley, UCLA, Stanford, NC State, and Chapman have all published warnings. The campaigns are ongoing and show no sign of slowing.
SourceUniversity of Michigan Safe Computing
What it cost
$1K–$5K
Per incident
50+
Universities documented
Ongoing
Since 2023, still active
What suss. would have surfaced

A signed record, before the wire.

suss. interaction recordFlagged
Executive Gift Card Scam Detected

This is the kind of message your people see, before they act on it. Plain guidance, not a number.

  • No legitimate executive will ever ask you to buy gift cards via email.
  • Call the person directly to verify. Use a known number, not one from the email.
  • Report this email to your IT security team immediately.
  • Do not scratch the cards or send photos of the codes.
  • If you already sent gift card codes, contact IT immediately. Cards may be recoverable if not yet redeemed.
signed9c2f…e7a1· queryable record
Why this keeps happening

Why this scam never stops working.

Deference to authority
When a dean or provost asks for something, staff respond quickly. Academic hierarchy makes people less likely to question unusual requests from leadership.
Public leadership directories
University websites list every dean, chair, and administrator with full name, title, and department. Scammers need only copy-paste.
Plausible cover stories
Faculty appreciation lunch. Student award prizes. Visiting speaker gift. Universities regularly buy gift cards for events. The request seems normal.
Isolation tactics work
"Keep this between us — it's a surprise for the department" creates secrecy that prevents the victim from verifying with colleagues.
The divergence
Without suss.
  1. "Dean Smith" emails asking for gift cards.
  2. Staff member goes to Target on lunch break.
  3. Buys $2,000 in Apple gift cards.
  4. Scratches the codes and sends photos.
  5. Codes redeemed within minutes.
  6. Real Dean Smith has no idea it happened.
With suss.
  1. Email scanner flags the gift card request instantly.
  2. Warning badge: Executive Gift Card Scam Detected.
  3. Staff sees a flagged record before reading further.
  4. Calls Dean Smith directly. Confirms it is fake.
  5. Reports to IT. Campaign blocked campus-wide.
  6. $2,000 saved. Scammer gets nothing.

Want this catching the next one before it ships?

This is a documented incident with a public source. The next one is in someone's inbox right now. suss. is what catches it.

Read more case studies