A spokesman for the Diocese of Raleigh, which has more than 40,000 members, said they've had these types of scams at other churches in the past, where the impersonator asks for gift cards.
The email came from a Gmail address.
While this scam impacts Raleigh's largest Catholic church, anybody can fall victim to this type of scam.
If you get a similar email, cyber security expert Brandon Champion, of Syneos Health in Morrisville said the first thing you should do is look at where the email is coming from.
"Anything that comes from a Gmail address, a Hotmail, or a Yahoo, any of the free webmail addresses are things you want to take a second look at," Champion said. "Most churches, most larger organizations, will have their own domain. Most of them will end in a .org perhaps, or even a .com."
He said you should look out for grammatical errors.
"Read the email itself," Champion said. "Most of the time, there's going to be spelling mistakes, capitalization errors, punctuation errors. Those are the tell-tale signs of a scam."
He said thieves tend to ask for gift cards because they can't be traced.
"So a lot of times, they'll want the codes for the gift cards or they'll want the gift cards themselves," Champion said, adding that these types of scams targeting churches are popular. "Unfortunately, the cyber criminals, morality is not their strongpoint."
The cathedral said on its website: "Always call the office to verify communication claiming to be from clergy or staff if you are unsure of its origin."
Here are more tips from the Cathedral:
- Never reply to an email that you are uncertain of its origin
- Never click links in an email that you do not recognize the sender's email address (not just the display name!)
- Always assume that a request for gift cards or money in any form is a SCAM
- Never give out personal information such as SSN or log-on credentials
- If you receive communication purporting to be from clergy or staff and do not recognize it as a number or email you have already verified, CALL the OFFICE
- If you receive communication from a source you think you know yet it seems odd, CALL the OFFICE
Clues that help to identify fraudulent email are:
- improper grammar and poor spelling
- excessive use of capitalization and exclamation marks
- odd phrases, non-agreement of subject and verb
- urgency words like 'ASAP' and/or 'right away'