Date: Wednesday, January 20, 2021Victoria, BC – Officers are warning businesses, non-profit and other organizations after a national alert was issued yesterday by the Canadian Anti-Fraud Centre about the continued rise of a sophisticated but common cybercrime: “spear phishing.” With COVID-19 continuing to require many to work remotely, cybercrimes like spear phishing continue to be on the rise nation-wide.In spear phishing attacks, criminals attempt to redirect or fraudulently initiate payments that would otherwise be legitimate. They often do so by penetrating an organization’s communications and passing off themselves as a person with financial decision-making authority.Fraudsters take their time to collect information on their intended targets, so they can send convincing emails from a seemingly trusted source.Fraudsters will infiltrate or spoof a business or individual email account. They create a rule to send copies of incoming emails forwarded to one of their own accounts. They comb through these emails to:

study the sender’s use of language
look for patterns linked to important contacts, payments, and dates

Victoria and Esquimalt continue to see spear phishing attacks and attack attempts. In one recent incident, the fraudsters claimed to be a person with financial authority and demanded a funds transfer. A staff member at a local business with an eye for detail noted that the email address used in the attempt was one letter off from the legitimate email address.According to the Canadian Anti-Fraud Centre bulletin, variations of spear phishing attacks include:

A business receives a duplicate invoice with updated payment details supposedly from an existing supplier or contractor
An accountant or financial planner receives a large withdrawal request that looks like it’s coming from their client’s email
Payroll receives an email claiming to be from an employee looking to update their bank account information
Members of a church, synagogue, temple, or mosque receive a donation request by email claiming to be from their religious leader
An email that seems to come from a trusted source asks you to download an attachment, but the attachment is a malware that infiltrates an entire network or infrastructure
An email that seems to come from trusted source asks you to buy gift cards

There are key warning signs which are common among cybercrime frauds.They include:

Unsolicited emails
Direct contact from a senior official you are not normally in contact with
Requests for absolute confidentiality
Pressure or a sense of urgency
Unusual requests that do not follow internal procedures
Threats or unusual promises of reward

How to protect yourself

Remain current on frauds targeting business and educate all employees
Include fraud training as part of new employee onboarding
Put in place detailed payment procedures and institute a verification step for unusual requests.
Establish fraud identifying, managing and reporting procedures
Avoid opening unsolicited emails or clicking on suspicious links or attachments
Take a few seconds to hover over an email address or link and confirm that they are correct
Restrict the amount of information shared publicly and show caution with regards to social media
Upgrade and update technical security software

You can learn more about how to protect yourself, your family and your organization from fraud by visiting vicpd.ca/fraud. If you have fallen victim to a fraud, stop payment immediately, contact your financial institution and call our Report Desk at (250) 995-7654 ext 1.If you think you or someone you know has been a victim of an attempted fraud, please contact the Canadian Anti-Fraud Centre at 1-888-495-8501 or report online at http://www.antifraudcentre-centreantifraude.ca.

-30-

Cybercrime Centre National ALERT |’Spear Phishing’ On The Rise

# Related Posts

Charges Sworn In April 2024 Homicide Investigation

VicPD Co-Response Team Receives Special Presentation In Honour Of Chantel Moore

CCTV Deployment For Downtown Demonstration On Saturday