A couple of weeks ago on August 23rd in Edmonton, Alberta; Canada based MacEwan University revealed that their staff fell for a phishing scam resulting in a wire transfer of whopping $11.4 million.
According to the official statement on August 31st, 2017, unknown hackers sent “a series of fraudulent emails and convinced staff to change the electronic banking information for one of the institution’s major vendors.”
Unfortunately, the staff sent the aforementioned amount to the account details provided by the hackers that were traced to Canada and Hong Kong. The funds have been frozen while the university is in contact with respective authorities of both countries.
Although phishing scams are increasing, the main reason behind the successful feat against MacEwan University was the lack of knowledge of their staff regarding online threats. A team trained to identify such threats could have avoided such a massive loss of money.
In an email conversation with William MacArthur, threat researcher at RiskIQ highlighted the factor behind a successful cyber scam. “One thing has always been the same in phishing attacks: social engineering, i.e., luring people into clicking on a link and providing information so it can be captured and sent off to a drop zone,” said MacArthur.
These attacks go after who are traditionally less security savvy – often in HR and finance departments. These people must be alerted to the dangers of phishing, and make sure they are verifying the authenticity of every single email asking for sensitive information—that means researching the purported company online and picking up the phone and calling if necessary,” added MacArthur.
In June this year, a US based Judge was also tricked into similar phishing scam when hackers asked her to send $1 million to a bank account they provided posing as a real estate agent. She eventually ended up sending the money to a bank account in China.
Moreover, Facebook and Google were also targeted with a sophisticated phishing scam when Evaldas Rimasauskas from Lithuania, scammed the Internet giants into wiring over 100 million Dollars to several bank accounts in Cyprus, Latvia, Lithuania, Slovakia, Hong Kong and Hungary.
If you want to know how one can protect themselves from phishing scam follow these important 5 tips.