Stephen Phillips / Unsplash
CV NEWS FEED // Catholic entities have been on guard for years against online scammers who impersonate religious leaders and attempt to prey on people’s compassion in order to defraud them. In recent months, a scammer targeted numerous faithful around the world by pretending to be a prioress of a female religious community 29 times before Google disabled the fraudulent email account this week.
The first in the string of fraud attempts occurred on Dec. 17, 2024, according to Marco DeCapite, founder of the Catholic cybertraining business VersAlta Mission Solutions.
All but one time, the scammer reached out using a Gmail address and claiming to be the prioress of a certain female religious community, which asked to not be named in CatholicVote’s report. The scammer used a phone call only once, on Feb. 6.
DeCapite shared with CatholicVote via email a running list of each time the scammer has reached out, through email or phone number, on what date, and to what recipient. When posing as the prioress, the scammer’s targets included religious communities around the world, including Dominican orders, Discalced Carmelites, and clergy.
On April 9, Google Head of Security & Privacy PR Ross Richendrfer confirmed to CatholicVote that the fraudulent Gmail account was suspended this week after a thorough review of a filed abuse claim. He explained that certain information is needed to verify the fraud which enabled Google to disable the account. The religious community’s IT director had also reported the issue to the FBI fraud reporting website, DeCapite said.
Attempts to prey on compassion
DeCapite shared six examples of the contents of the fraudulent emails, which varied in length. Some of the emails requested contact information or a quick response. Others related to bank account information and money issues and included lengthy narratives about people in need.
In one Feb. 18 email, the fraudster, posing as the prioress, reached out to a religious sister and claimed that the prioress’ priory is supporting “One widow and 8 orphans” in the Democratic Republic of Congo (DRC).
“We have been trying to send them the amount needed for her medical care, but our bank does not allow us to make the transfer to this family because we do not have a community in Africa,” the scammer wrote. “We tried several times but no success.”
The scammer asked the religious sister to provide a bank account to which the amount can be transferred and claimed to have the hospital invoice “all other documents supporting the transfer of money to the DRC.”
The scammer claimed to have discussed the issue with the bishop in the prioress’ diocese and an official from Aid to the Church in Need before reaching out to the religious sister. The scammer also offers to send “an official request with the letterhead and seal of our priory.”
On March 7, the scammer again impersonated the prioress and claimed to have received funds from benefactors that the religious community would now like to share with the email recipient’s diocese.
“We do not have a specific intention for the use of this amount, you can use it in your diocese and where there is a need,” the scammer writes. “But we will need a report on the use of these funds, as we must also be accountable to the benefactors who helped us raise them. The amount raised is USD 71.650. Please send us your bank details and our treasurer will make the transfer.”
The scammer again offers to send “an official letter with our Congregation’s letterhead and seal.”
Ways to combat Catholic-targeted phishing
AARP reports that according to the Federal Trade Commission (FTC), impostor frauds, which include clergy-impersonation scams, caused over $2.3 billion in losses in 2021.
Religious-targeted phishing attempts have been pervasive for several years, prompting dioceses — and even Texas Attorney General Ken Paxton in 2019 — to issue informative and clarifying statements to help the faithful be on guard.
The Diocese of Grand Rapids issued an informational statement after Catholic-targeted fraud attempts were reported in Texas, Pennsylvania, Florida, and western Michigan.
“Have you received text messages, emails, or messages through Facebook messenger from someone claiming to be your pastor and asking for money or gift cards, indicating it’s an emergency?” the Grand Rapids diocese wrote. “Don’t give. It’s not your pastor. It’s a scam.”
The diocese emphasized that a pastor or associate pastor will never directly contact a parishioner requesting emergency funds. The faithful are urged to contact their parish office if they receive any suspicious or fraudulent communications and to report the communications to the parish or diocese and the FTC.
The advertising business LPi recommends parishes run articles in church bulletins, on websites, or on parish social media sites about scams. It also recommends that everyone verify emails claiming to be from a pastor or someone from the parish and avoid clicking links that are not from trusted sources.
In February, the Bishop of Auckland, New Zealand, Stephen Lowe was impersonated by a scammer on a fake Facebook account who was asking for money from social media followers.
If there was a collection in need of donations, “the only thing there I’d say is ‘this is how you donate,’ and direct them to official websites,” Bishop Lowe told news outlet RNZ.
It wasn’t the first time he and other bishops have been impersonated, he noted.
Parishioners in the Diocese of Charlotte have also been targeted by scammers who impersonate clergy online and ask for urgent replies or money, according to The Catholic News Herald. By creating a fake Gmail account pretending to be a local priest, a scammer conned several parishioners out of about $1,000 in gift cards.
Scott Long, the diocese’s director of technology services, said scammers’ failure to use correct spelling, which has been a signal that the email may be fraudulent, has become less common. which is making it even more difficult to spot a scam, the Herald reported.
“If anything about a message raises your suspicion, you are better off without that message in your mailbox,” Long said, “so just delete it.”
