Spearphishing: The Risk to Corporate Canada
October 9, 2014
The Canadian Cyber Incident Response Centre has received reports that a number of senior executives and employees with accounting responsibilities at Canadian corporations have been targeted by a sophisticated spearphishing campaign.
Spearphishing is essentially targeted phishing. Cyber criminals collect information on their targets from various sources including social media and company websites. They then use this information to personalize fraudulent emails in order to increase the chances of the targets opening these emails.
Recently, targeted emails were sent to personnel who are authorized to make financial transactions. The emails appear to authorize the individual to send large amounts of money to a specific bank account.
To make these messages appear more authentic, actual names of executives who would authorize these transactions are used in the emails, and look-alike email addresses and URLs are used. The cyber criminals behind this scam have even telephoned their targets, posing as representatives from a law firm that is helping with the financial transaction.
This spearphishing campaign has targeted a number of companies. As a result, GetCyberSafe has teamed up with the Canadian Bankers Association to raise awareness of this issue.
While these cases are targeting a specific group, there are a number of steps you can take to avoid falling victim to any kind of email scam:
- Don’t respond to emails requesting private information, or click on links from unknown sources.
- Be on the lookout for email scams where the message is alarmist, has spelling mistakes, offers a deal that is too good to be true
- If in doubt, call to authenticate the message with known or public contact information.
If you think you have been targeted by a phishing scam or any other fraudulent activity, we strongly encourage you to report it to the Canadian Anti-Fraud Centre. More information on how to report fraud is available at: http://www.antifraudcentre-centreantifraude.ca or by calling 1-888-495-8501.
There are no comments at this time
- Date modified: