Scammers looking to rip off NC churches, officials say

hands typing generic

RALEIGH, N.C. (WNCN) – The North Carolina Attorney General’s Office says scammers are using phony, but real-looking emails to try and steal thousands of dollars from churches throughout the state.

According to officials, the scam targets and employee of the church’s finance office. The email appears to be sent by the pastor or another high-level person at the church. The message instructs the employee to send thousands of dollars, via a bank-to-bank wire transfer, to handle an “urgent and confidential” situation.

The scam has targeted businesses in the past, but the focus on churches is a new twist, according to officials.

“But, at a church, it’s usually just good people trying to do good stuff and so their default thinking is going to be to trust,” said Duke Rogers, CEO of Triangle Forensics.

He showed us how simple it is for scammers to impersonate someone else’s email address.

In a matter of minutes, he created a PHP script, which allows him to enter any email address he wants and make it look like that person is using it.

“I don’t need anybody’s passwords or anything like that. I can take the list of email addresses and blast one to everyone on there except the pastor, and I’ll say it’s from the pastor,” he said. “But, the actual logistics of making it appear to be from someone it’s not, all that kind of stuff, that’s basic.”

Rogers points out when you receive one of these scam emails, it will appear as though it’s coming from one email address (such as a pastor), but when you click reply that response will go to a different email address (the scammer).

A church in Raleigh nearly fell victim. The attorney general’s office says about two weeks ago a church employee was transferring money after receiving one of the emails.

The bank handling the transfer intervened, suspected it was a scam. The attorney general’s office says the amount of money involved was “thousands of dollars” but didn’t have a precise number.

Douglas Ward, director of information technology at the North Carolina Conference of the United Methodist Church, says his organization has received the scam emails a few times in recent months.

The emails appear to be from executives at the organization and were sent to members of the finance office.

“Well, what jumped out to me first was how real it looked,” Ward said. “When a well-crafted message looks legitimate, it can be difficult to very quickly and casually look in an email and determine whether or not it’s real or not.”

Ward noticed that though the emails appear to come from an email address of someone known and trusted by the victim, when you hit reply the response goes to a different email address.

No one at the organization fell victim to the scam. Ward says there are a variety of checks in place, including filing signed requisition forms before money is transferred, to ensure adequate oversight of the organization’s funds.

To avoid this scam, officials recommend setting a strict office policy for wire transfers, remember that money wired away is usually gone for good, and warn employees about the scam.

If you believe you, your church, or a business or employee has been approached by a scammer, report it to the Attorney General’s Consumer Protection Division by calling 1-877-5-NO-SCAM or file a complaint at