I got phished by my boss

STORY TIME: I got phished by my boss.
No, seriously.
Hi everyone, Rebecca here. I'm Social Media Manager at Self and a couple weeks back something so bonkers ACTUALLY happened that I had to write this blog for your enjoyment.
As a reminder, Self's ultimate aim is to make every interaction we have online safer & stress-free by ensuring that the person you’re communicating with is actually who they say they are. Our entire business model is about proving who you are to the people you communicate with. My boss here at Self is Dan Sutherland, CEO and co-founder.
Last week I got an email from a Dan Sutherland, requesting that I run an errand for him. (see screenshot above)
Now, I don’t usually run errands for Dan, nor do I often receive emails from him at 6:30am, so I sent him a message on Self to say I’d had a suspicious email from someone claiming to be him. He confirmed that it was indeed not him on the other end, & from there the fun began…

I have a hard time imagining a person who would believe that anyone in their life would require £1000 worth of iTunes gift cards within a 20 minute window. But this guy, NotDan Sutherland, was convinced that I would buy it, and I couldn’t let him down!

This, I think, was a bit of a turning point for NotDan. He’s got me! ‘Another sucker born every minute’ and all that. See how he effortlessly skirts my query about that refund?

A conference! Of course! But what’s great about NotDan is that now he thinks he’s got me, he pays a lot less attention to what I’m saying.

But my clever quip didn’t even have him batting an eye. NotDan’s too excited about the fact I’m on my way to get those essential iTunes gift cards, and he starts to really put on the pressure. I decide to see if I can appeal to his humanity, reminding him that tomorrow my rent is due!

But NotDan DGAF about my rent, does he? He does not.

This is where the thread really starts to unravel. I grow more suspicious, and also more silly.


It’s clear to me for many reasons that NotDan is no expert phisher, but in this next screenshot you can really see him getting desperate.

I mean, he didn’t even type it again in that middle message. Just literally copy/pasted what he’d written a few emails earlier. At least put some EFFORT in, NotDan!

And I can’t actually respond to this one except to say:

Reader: it was not.
So, NotDan, if you’re out there and this finds you… maybe, just maybe don’t choose the CEO of a privacy-centred tech company building the future of trust as your next phishing scam impersonation? And buy your own damn iTunes gift cards!
Sign up for Self early access Alpha
