The Canadian Imperial Bank of Commerce is a favourite brand used by cyber thieves in phishing attacks. (Photo by THE CANADIAN PRESS)

CIBC among top brands used in North American phishing attacks: security firm

TORONTO — The Canadian Imperial Bank of Commerce is one of the most commonly targeted brands used by cyberthieves in phishing attacks across North America, with a more than 600 per cent surge in fake email attempts in the third quarter, according to analysis by an email security firm.

Vade Secure’s research shows that during that period CIBC was the lone Canadian company among the top 25 brands used by cybercriminals trying to trick people into handing over their credentials and confidential data, according to the France-based company’s engine.

The Toronto-based bank was ranked 25th and used in an average of 5.3 new phishing links per day during the third quarter, an increase of more than 622 per cent from the previous quarter, the analysis showed.

The email security firm’s chief executive Adrien Gendre said each of these links, which typically mimic official webpages, can be sent to thousands of users.

It’s unclear what is behind the surge in phishing activity, but one factor could be CIBC’s launch of its Simplii Financial direct banking brand last year, Gendre said. When users are less familiar with what interactions to expect, they are easier to deceive with a fake email, he said.

“Every new service, it’s a good target for phishing… People will click more on it,” Gendre said.

Vade Secure, based in Lille, France, protects more than 500 million inboxes and its conclusions were based on the phishing attacks detected by its artificial-intelligence powered platform.

CIBC said “cyber security is an evolving space that we monitor closely.

“We have multiple layers of security in place and continuously invest to safeguard our clients,” spokesman Tom Wallis wrote in an emailed statement.

The email security firm’s analysis comes as Canadian banks continue ramp up their spending on technology, including cybersecurity defences, and months after BMO and Simplii said that thousands of customers may have had personal and financial data compromised.

In May, BMO said hackers contacted the bank claiming to be in possession of the personal data of fewer than 50,000 customers, and that the attack originated outside of Canada. At the same time, Simplii also warned that “fraudsters” may have accessed certain personal and account information for about 40,000 clients.

A leak of user data is often followed by a wave of phishing attacks or a malware attack months later, Gendre said.

A few years ago, grammatical errors or language mistakes would easily signal that it was fraudulent, but now these fake webpages are often indistinguishable from the real thing, Gendre added.

The three top targets in North American phishing attacks during the third quarter were Microsoft, PayPal and Netflix, but other large Canadian banks were also among the 86 brands tracked by Vade Secure.

Bank of Montreal was in 33rd place with phishing activity up 317.5 per cent from the previous quarter, followed by Scotiabank in 47th place with activity up 53.1 per cent. Royal Bank of Canada and Toronto-Dominion Bank saw a drop in phishing activity, down 91 per cent and 57.6 per cent from the previous quarter, respectively, to put them in the 49h and 62nd spots.

However, during the second quarter, RBC was in the 21st spot with an 767.3 per cent increase in phishing links, according to Vade Secure.

Gendre said cyberthieves typically cycle through different targets, switching to a new one as users become aware of the fake links and their attacks become less efficient.

RBC’s vice-president of cyber operations and chief information officer Adam Evans said that as the bank increases its global footprint it becomes a bigger target for phishing attacks, but it has layers of security to protect against these kinds threats. The bank has also been increasing its cyber security budget and investing in technologies to mitigate this threat, he added.

“Organizations that have a global footprint are going to be targeted more often and probably more frequently over time,” he said.

BMO, Scotiabank and TD Bank did not respond to requests for comment.

Just Posted

Trial stalls for man accused in fatal Canada Day 2016 crash

Defence lawyer argued relevant information received only hours before trial to begin

Big-time entertainers to perform in Red Deer during the 2019 Canada Winter Games

Musicans announced include Strumbellas, k-os, Brett Kissel

Builders say it’s not the time for higher permit fees in Red Deer

Construction industry is hard hit by slow economy

Bighorn Country telephone town hall for Red Deer area set for Wednesday

Residents can phone in from 6:30-7:30 p.m. to hear about the project or ask questions

WATCH:2019 Canada Winter Games torchbearers announced

Sixteen torchbearers announced with others to be revealed during Opening Ceremonies

Theresa May wins no-confidence vote after Brexit deal rejection

UK PM can keep her job, after House of Commons voted 325-306

Alberta doctor accused of sexual assault asked to voluntarily give up practice

College says Dr. Barry Wollach should discontinue his practice, given the seriousness of the allegation against him

Speedy acceptance of Saudi shows refugee system’s flaws

Who would not wish Rahaf Mohammed well? The 18-year-old Saudi wants to… Continue reading

Hertl’s hat trick leads Sharks past Penguins 5-2

SAN JOSE, Calif. — Tomas Hertl needed just three games to get… Continue reading

Starring role beckons for Canada’s Alphonso Davies at Bayern Munich

BERLIN — Canadian teenager Alphonso Davies could be thrown in at the… Continue reading

Bus singer gives voice to Venezuela’s growing diaspora

LIMA, Peru — A year ago, Venezuelan migrant Reymar Perdomo was singing… Continue reading

Corey Hart to be inducted into Canadian Music Hall of Fame at Juno Awards

TORONTO — Crooner Corey Hart will join Canadian music royalty in the… Continue reading

Lucic, Kassian each score twice to power Oilers in 7-2 win over Sabres

EDMONTON — Milan Lucic and Zack Kassian each scored a pair of… Continue reading

Most Read