A national alert issued by the Canadian Anti-Fraud Centre has VicPD sounding the alarm over a new sophisticated cybercrime: “spear phishing.”
Spear phishing involves criminals attempting to redirect or initiate fraudulent payments while making them appear legitimate.
They do this by infiltrating or spoofing business or individual email accounts. Often fraudsters will take time to gather information on intended targets to send more convincing emails.
Information is collected by creating an email rule that forwards copies of a victim’s incoming emails to a fraudster’s accounts.
These emails are then combed for personal information, studying the sender’s language and looking for behaviour patterns, including important contacts, payments and dates.
VicPD say that Victoria and Esquimalt are seeing these types of spear phishing attacks in local incidents.
One staff member at a local business avoided a scam by spotting that a fraudulent email address was one letter off from a legitimate email address.
Other examples of attacks include donation requests sent to churches or temples from fraudsters pretending to be religious leaders, financial planners receiving withdrawal requests from phony client emails, or emails with malware attachments.
Police say key warning signs for cyberfraud are emails with threats, unusual requests against company procedures, unsolicited emails, or requests for absolute confidentiality.
VicPD says companies should include fraud training as part of new employee training, and individuals can restrict information shared publicly on social media while updating security software.
More information on fraud protection is available online at vicpd.ca/fraud.
Anyone who falls victim to fraud should stop payments immediately, contact their financial institution and VicPD at (250) 995-7654 ext 1.
Victims of attempted frauds can contact the Canadian Anti-Fraud Centre at 1-888-495-8501 or report online at http://www.antifraudcentre-centreantifraude.ca.
