Canadian firms targeted with increasingly sophisticated phishing techniques

TORONTO — Fraudsters have become creative in disguising email that contains dangerous links and attachments and Canadian firms may be falling for the scams more often than those in other countries.

“We’ve seen everything from fake divorce papers to fake medical diagnoses, sometimes not even for the recipient of the email,” Proofpoint senior vice-president Ryan Kalember said in an interview at a Toronto cybersecurity conference.

“Humans are naturally curious creatures. We’re going to fall for that at some rate.”

A recent Proofpoint analysis found nearly 100 criminal cyber campaigns that targeted Canada between Jan. 1 and May 1 this year, in addition to thousands of other generic campaigns that reached Canada through the internet.

One type of malware noted by Proofpoint was DanaBot, which has been used to send out Canada Post-themed lures.

“We’ve seen a couple of campaigns leverage Canada Post branding. And that’s not uncommon. Package-delivery lures are always somewhere in the top five in terms of phishing that works for attackers,” Kalember said.

The danger for people who get such emails is that they may download software that could grab passwords, or send more fraudulent spam messages to reach more victims, or lock out access to system files.

David Masson, the Canada country manager for Darktrace — a cybersecurity firm — agrees that spoofing scams that hijack well-known brands are quite common internationally and Canada’s experience is similar.

But Masson said a Darktrace analysis last year found its Canadian clients were about three times as likely to download malware compared with clients in other countries.

“Which would indicate to me, that people were receiving links, phishing emails, business compromise spoofs — people being tricked … into effecting the attack on themselves. You know, victim-operated attacks,” Masson said.

However, Masson said there is a lack of official statistics on this type of security breach.

A database search done for The Canadian Press by the Canadian Anti-Fraud Centre suggests there’s been a rise in reports of suspected Canada Post-themed scams this year. It found 35 suspected frauds using Canada Post branding over 12 months ended May 1, including 26 in 2019.

The Office of the Privacy Commissioner said in an email that it was aware of this type of email spoofing, but had not heard anything specific to Canada Post and had not “received any recent complaints that relate specifically to this type of breach.”

Kalember said criminals have also used more sophisticated campaigns to target Canadians, using specific information about their targets that has been accumulated through many years of database breaches.

“Every single one of us has our email credentials tied up with all of these huge breaches that we hear about.”

That means hackers have many examples of how companies send internal messages, which people are in a position of authority, and even a record of old passwords that provide clues to new passwords, he said.

“And the longer that somebody has worked at an organization, the more predictable their password is likely to be,” Kalember said.

As a result, companies that build their business communications around a cloud-based system such as Microsoft Office 365 or Google Docs face a different type of email vulnerability.

Once fraudsters have figured out a key person’s password, they can wreak havoc on a company by impersonating a supervisor and instructing a staff member to redirect the payroll or other payments to a different account.

“If a fraud actor can successfully empty that bank account, it can be quite catastrophic. And we’ve seen this quite regularly,” Kalember said.

Kalember said many times the criminal campaigns are unreported, so it’s difficult to quantify their frequency.

“That said, the attackers all measure this extremely carefully and the fact that they’re doing more of it is a clear indication that it is working — at least in some fashion.”

A Canada Post media representative said in an email that “unfortunately, malicious phishing emails circulate from time to time” and pointed to for advice on how to detect phishing emails and avoid falling for them.

“When Canada Post makes a delivery attempt, we leave a delivery notice card at your door or in your mailbox. We do not contact you by email unless you have requested it,” the website says.

The postal service also recommends that customers delete suspicious emails containing a link or file and report suspicious email to the Canadian Anti-Fraud Centre or Canada Post customer service.
