The email appeared to come from Pastor James Williams, reaching out to a parishioner in need of “discreet assistance.”
He was too busy to take calls, the email explained, and asked that the recipient reply by email for further details.
The signature was his, the church address was correct, the logo familiar. Everything looked as it should.
Still, something gave the recipient pause — enough to pick up the phone and dial the church directly.
Fortunately, this person called staff to verify because the pastor had never sent the email. In fact, it had not come from anyone associated with the church. It was a scam.
Had the reporting party replied, they would likely have been instructed to buy gift cards and relay the card numbers to the scammer, or to buy cryptocurrency or another form of digital currency from a local crypto ATM.
This is just one of many similar scams reported in the Cowboy State, all targeting Wyoming churches and their members who trust them.
The scam takes on slightly different permeations with the goal of tricking churchgoers out of money by preying on their kindness.
Sometimes, criminals request gift cards for families in need or for other church programs, and typically lend their messages an air of legitimacy by including the actual pastor’s name, AI-generated logos impersonating the church, and biblical passages.
Worse, according to one leading state cybercrimes expert, these scammers are using information they find on church websites to tailor their messaging while targeting parishioners.
Soft Targets
Laura Baker, co-founder and executive director of CyberWyoming said cyber criminals are becoming more targeted and personal.
Her nonprofit tracks reports submitted anonymously, which are published in “Hacker’s Brief” compiled by CyberWyoming’s Natalie Demple.
Another Wyoming resident also reported receiving a scam email appearing to come from a pastor, though a closer examination revealed the spelling of the pastor’s first name was off by a single letter.
The fraudulent message requested Target gift cards, framing the ask as part of the church’s established program to supply immigrant families with groceries and diapers.
The church member bought the gift cards and was about to send the numbers when a warning email arrived from actual church staff warning someone was scamming people.
She kept the cards and avoided any financial loss — barely.
When she reported the interaction to CyberWyoming, the woman reported that she and her husband had been taken in without suspicion, and they knew of at least one other church member who had fallen for the scam.
The scammer’s use of AI to reproduce the church’s logos and graphics in particular, combined with the near-identical sender address, had made the email appear completely legitimate.
Other church scams reported are similar, Baker said, and appear to have taken information directly from church websites.
Hard To Gauge Problem
Scams targeting churches and their members are not new, Baker said, with many dating back to the pandemic.
They are picking up steam and are increasingly more prevalent based on reports they’ve received, and AI is making scamming people easier and appear more legitimate.
In fact, the rising number of scams triggered the Federal Trade Commission to sound the alarm in 2022 following an influx of reported gift card scams targeting worshippers.
It’s hard to get a handle on the true nature of the problem because there’s no specific reporting category for church scams in the FBI crime report, which instead falls under the catch-all fraud against charities.
Scams involving artificial intelligence, however, netted its own category for the first time in the FBI’s nearly 25-year history of documenting cybercrimes.
In fact, AI and cryptocurrency scams bilked Americans out of nearly $21 billion last year, according to the agency’s 2025 report.
By far, the largest crime reported was internet phishing and spoofing scams by which criminals try to steal sensitive information like banking or passwords by tricking a person into clicking on a link that downloads malware and disguising their identity to appear legitimate.
For Wyoming, this amounted to a loss of nearly $26 million with 1,552 incidents reported to the FBI Internet Crime Complaint Center last year. This put Wyoming in 24th place nationally for complaints per 100,000 residents.
CyberWyoming’s data followed a similar report with the bulk of scams involving fake invoices followed by impersonations.
The fake invoice scams in large part were sent through email and mimicked legitimate companies like PayPal, claiming that payment was due for services.
The group also noted an upward trend involving scammers impersonating clergy, which one pastor will attest from her experience is on the rise.
Preying On The Generous
Ignite Wesleyan in Sheridan has managed to stay one step ahead of scams targeting its congregation, said Gretchen Danforth, the church’s children’s pastor.
The fraudulent “Pastor Williams” emails spoofed her church’s identity and impersonated a former pastor who has since moved on.
Scams like these are increasingly common, she said.
“We’re getting so many things like that,” Danforth told Cowboy State Daily.
The increase in attempts has pushed the church to tighten up its website, limiting the personal contact information available to bad actors.
The church also makes a point of reminding its congregation that this is not how they conduct business, she said, and issues immediate warnings whenever a scam is reported to them.
Over time, Danforth said congregants have grown savvy enough to recognize the attempts on their own.
The emails also tend to raise flags simply because directly soliciting money from people on behalf of others is not how the church operates.
“Had we not clarified, many would have proceeded with doing that because they have generous hearts,” she said. “And obviously, scammers have figured that out, which is unfortunate.”
But anecdotally speaking, Danforth said she hears from other pastors and churches in and out of Wyoming that this is something that happens frequently and seems to be getting worse.
Part of that is AI search engines that can scour peoples’ social media and other online information that can identify them as members even if the church itself doesn’t.
No Free Pianos
The scammers don’t just stop at targeting parishioners and also try to directly scam the churches. A common scheme is to email churches offering to donate a piano.
It’s usually a story about a spouse or loved one passing away and wanting to donate it, and for whatever reasons, it's a Yamaha baby grand piano or some sort of Yamaha, she said.
Cowboy State Daily this past week also received at least two of these messages to its office offering a free Yamaha piano.
Danforth has no idea how the scam actually works because she’s never replied to any of them, but she assumes it involves sending money for shipping or some expense associated with delivery.
Overall, she follows one primary rule and encourages others to do the same: if it sounds suspicious, it probably is.
Largely Unreported
Getting a grip of the true extent to which churches and parishioners are being targeted and scammed is difficult, Baker said, because many people don’t report it to police or to other authorities like the FBI.
A quick survey of three Wyoming cities suggests this is the case.
Capt. Tom Ringley with the Sheridan Police Department said his agency has received numerous scam reports from people over the past couple years, but couldn’t say how many — if any — involved churches.
His department doesn’t have a particular code for church scams, which fall under a general category, nor could he personally recall any such reports.
Ringley did say, however, that his department has detectives who investigate fraud and other internet-related crimes and can screen scams if a person isn’t sure whether an offer is legitimate.
“Of course, we’re not offering legal advice and it’s not binding, but the officer can simply state whether it appears to them to be fraud,” he said.
Likewise in Gillette, Interim Chief of Police Brent Wasson couldn't recall any specific scam targeting churches or parishioners. Nor were there any recent cases reported in Cheyenne, according to Alexandra Farkas, public information officer for the Cheyenne Police Department.
Though these scams might not be reported to law enforcement, several churches around the country are issuing scam alerts and warning people take steps to not allow scammers to access church information.
Not Protecting The Flock
Wyoming churches could be doing far more to secure their websites and safeguard personal information, Baker said, but so far none have taken her organization up on its free resources.
In 2022, her nonprofit launched the Protect Your Flock educational campaign, mailing postcards and a downloadable PowerPoint to churches across the state.
The materials outlined practical steps for protecting church and parishioner data, and even included a Bible verse clergy could use to open the conversation with their congregations.
Of the 522 churches that received the materials, not one downloaded the presentation. The following year, the group tried again with 58 churches with the same result.
It stopped the program after that in 2023.
“We got tired of wasting our money,” Baker said.
Nonetheless, there are some simple steps churches can take, starting with using official church emails rather than a person's gmail or other generic email accounts that are easy to mimic, Baker said.
Easy Steps To Help
In most cases, since churches are 501(c)3 nonprofits, Google Workspace for Nonprofits is free to churches and Microsoft Office 365, depending on the type of license, is free or discounted, Baker said.
This is one easy step toward easier identification of clergy email accounts, which makes it harder to imitate, as Baker has seen in several cases.
She noted that it is easy to sign up for free Gmail or Yahoo account that says unitedmethodistofscranton@gmail.com which looks pretty legitimate when the actual clergy's email is methodistofscranton@gmail.com.
However, if the clergy emails are from john@unitedmethodistofscranton.org, then the scammer would have to jump through more hoops to register and pay for a similar domain, Baker said.
Enabling multi-factor authentication on church email accounts is another way to strengthen security, Baker said, as is using email filtering tools to block spoofed and malicious messages.
Church clergy can also set clear expectations with their congregations, letting members know they will not solicit contributions via email or text, she said.
Baker said another significant step churches can take to protect their members is to refrain from publishing member lists, directories, and other personal information online that could give scammers a foothold.
In some cases, churches publish bulletins with prayer lists that reference a member’s specific ailment or malady, she said.
Scammers monitor church websites for exactly this kind of information, using it to establish false trust and exploit goodwill, Baker said.
“They should not be putting this information online, but many do because they don’t think about the data privacy issues and scammers,” she said. "They just want to serve their community and do good.”
And unfortunately, as Baker further noted, scammers continue to find soft targets, it requires churches to take active steps to guard their congregations against exploitation.
“You don’t think about churches being a target because that’s just not how we view the world. It feels deplorable that they would take advantage of good organizations,” she said. “But unfortunately, to protect against scamming, you have to.”
Jen Kocher can be reached at jen@cowboystatedaily.com.
