Mock email scam ensnares hundreds of bureaucrats

OTTAWA — Many of the Justice Department’s finest legal minds are falling prey to a garden-variety Internet scam.

OTTAWA — Many of the Justice Department’s finest legal minds are falling prey to a garden-variety Internet scam.

An internal survey shows almost 2,000 staff were conned into clicking on a phoney “phishing” link in their email, raising questions about the security of sensitive information.

The department launched the mock scam in December as a security exercise, sending emails to 5,000 employees to test their ability to recognize cyber fraud.

The emails looked like genuine communications from government or financial institutions, and contained a link to a fake website that was also made to look like the real thing.

Across the globe, an estimated 156 million of these so-called “phishing” emails are sent daily, and anyone duped into clicking on the embedded web link risks transferring confidential information — such as online banking passwords — to criminals.

The Justice Department’s mock exercise caught 1,850 people clicking on the phoney embedded links, or 37 per cent of everyone who received the emails.

That’s a much higher rate than for the general population, which a federal website says is only about five per cent.

The exercise did not put any confidential information at risk, but the poor results raise red flags about public servants being caught by actual phishing emails.

A spokeswoman says “no privacy breaches have been reported” from any real phishing scams at Justice Canada.

Carole Saindon also said that two more waves of mock emails in February and April show improved results, with clicking rates falling by half.

“This is an awareness campaign designed to inform and educate employees on issues surrounding cyber security to protect the integrity of the department’s information systems and in turn better protect Canadians,” she said in an email.

“In this case, this exercise specifically dealt with the threat from phishing which is increasingly being used as an attack vehicle of choice by cyber criminals.”

“As this project progresses, we are pleased that the effectiveness of this campaign is showing significant improvement.”

A February briefing note on the exercise was obtained by The Canadian Press under the Access to Information Act.

The document indicates there are more such exercises planned — in June, August and October — and that the simulations will be “graduating in levels of sophistication.”

Those caught by the simulation are notified by a pop-up window, giving them tips on spotting malicious messages.

The federal government’s Get Cyber Safe website says about 10 per cent of the 156 million phishing emails globally make it through spam filters each day.

Of those, some eight million are actually opened by the recipient, but only 800,000 click on the links — or about five per cent of those who received the emails.

About 10 per cent of those opening the link are fooled into providing confidential information — which represents a worldwide haul of 80,000 credit-card numbers, bank accounts, passwords and other confidential information every day.

“Don’t get phished!,” says the federal website, “Phishing emails often look like real emails from a trusted source such as your bank or an online retailer, right down to logos and graphics.”

The department has some 5,000 employees, about half of them lawyers.

Just Posted

Updated: Red Deer welcomes 2019 Canada Winter Games Team Alberta

About 250 Alberta athletes are participating in the Games

Syrian immigrants feel welcomed

Winter Social held at Festival Hall to promote multiculturalism

Small group rallies with pro-immigration message

Group wanted to counter misinformation on United Nations migration agreement

Trump says ‘things are going very well’ with North Korea

WASHINGTON — President Donald Trump said Saturday that “things are going very… Continue reading

NDP won’t stop until Trans Mountain is built, says minister

Deron Bilous speaks at Red Deer chamber luncheon

VIDEO: Students in MAGA hats mock Native American at Indigenous Peoples March

Diocese in Kentucky says it is investigating the matter, caught on video by onlookers

CONSUMER REPORT: What to buy each month in 2019 to save money

Resolve to buy all of the things you want and need, but pay less money for them

Anxiety in Alaska as endless aftershocks rattle residents

Seismologists expect the temblors to continue for months, although the frequency has lessened

Women’s March returns across the U.S. amid shutdown and controversy

The original march in 2017, the day after President Donald Trump’s inauguration, drew hundreds of thousands of people

Kriechmayr edges Swiss favourite Feuz to win WCup downhill

WENGEN, Switzerland — It takes a special run to beat Switzerland’s best… Continue reading

WestJet plane heading to Victoria slides off Edmonton runway, no injuries

EDMONTON — A WestJet plane has slid off an icy taxiway at… Continue reading

Sam Bennett scores twice, Flames beat Red Wings 6-4

Flames 6, Red Wings 4 CALGARY — Sam Bennett scored twice including… Continue reading

Rare ‘super blood wolf moon’ takes to the skies this Sunday

Celestial event happens only three times this century

Most Read