Canadian City Fell Prey to a $375K Phish

Security

Yet another city has fallen victim to a “a complex phishing email.” The scam cost Burlington, Ontario, Canada, C$503,000 – the equivalent of nearly US$375,000.

“On Thursday, May 23, the City of Burlington discovered it was a victim of fraud. A single transaction was made to a falsified bank account as a result of a complex phishing email to City staff requesting to change banking information for an established City vendor. The transaction was in the form of an electronic transfer of funds made to the vendor…and was processed on May 16,” the city announced.

Burlington immediately contacted law enforcement and a criminal investigation is underway, according to the announcement.  

“Cyber-attacks are on the rise, and phishing emails that involve the human factor are responsible for a great number of these breaches. Organizations globally are realizing the need to invest in employee training and deploy different training solutions in hope to mitigate the risk of data breaches,” said Shlomi Gian, CEO at CybeReady.

“Instead of increasing spending and IT effort, organizations should opt for smart solutions that guarantee change in employee behavior. Effective training should not become an IT and financial burden. Increased awareness might be the only way to reduce the risk of another incident like this in the foreseeable future.”

According to Global News Canada, none of Burlington’s systems have been impacted by the transaction. At this time, the city is not providing any additional information, but experts advise that all organizations continue to invest in their human capital via security training and awareness.

“Humans remain the weakest link in any organization. Properly implemented security controls can reduce the risk of human error but not eliminate it. Worse, cyber-criminals will now purposely target smaller organizations that cannot afford to invest in their cybersecurity,” said Ilia Kolochenko, founder and CEO of web security company ImmuniWeb.

Products You May Like

Articles You May Like

Zoom Video Conferencing for macOS Also Vulnerable to Critical RCE Flaw
What to do when a CryptoLocker virus attacks
How your Instagram account could have been hijacked
Tesla drops request for restraining order against allegedly dangerous short seller
What to expect from tomorrow’s antitrust hearing featuring big tech

Leave a Reply

Your email address will not be published. Required fields are marked *