Mock email scam ensnares hundreds of bureaucrats

OTTAWA — Many of the Justice Department’s finest legal minds are falling prey to a garden-variety Internet scam.

OTTAWA — Many of the Justice Department’s finest legal minds are falling prey to a garden-variety Internet scam.

An internal survey shows almost 2,000 staff were conned into clicking on a phoney “phishing” link in their email, raising questions about the security of sensitive information.

The department launched the mock scam in December as a security exercise, sending emails to 5,000 employees to test their ability to recognize cyber fraud.

The emails looked like genuine communications from government or financial institutions, and contained a link to a fake website that was also made to look like the real thing.

Across the globe, an estimated 156 million of these so-called “phishing” emails are sent daily, and anyone duped into clicking on the embedded web link risks transferring confidential information — such as online banking passwords — to criminals.

The Justice Department’s mock exercise caught 1,850 people clicking on the phoney embedded links, or 37 per cent of everyone who received the emails.

That’s a much higher rate than for the general population, which a federal website says is only about five per cent.

The exercise did not put any confidential information at risk, but the poor results raise red flags about public servants being caught by actual phishing emails.

A spokeswoman says “no privacy breaches have been reported” from any real phishing scams at Justice Canada.

Carole Saindon also said that two more waves of mock emails in February and April show improved results, with clicking rates falling by half.

“This is an awareness campaign designed to inform and educate employees on issues surrounding cyber security to protect the integrity of the department’s information systems and in turn better protect Canadians,” she said in an email.

“In this case, this exercise specifically dealt with the threat from phishing which is increasingly being used as an attack vehicle of choice by cyber criminals.”

“As this project progresses, we are pleased that the effectiveness of this campaign is showing significant improvement.”

A February briefing note on the exercise was obtained by The Canadian Press under the Access to Information Act.

The document indicates there are more such exercises planned — in June, August and October — and that the simulations will be “graduating in levels of sophistication.”

Those caught by the simulation are notified by a pop-up window, giving them tips on spotting malicious messages.

The federal government’s Get Cyber Safe website says about 10 per cent of the 156 million phishing emails globally make it through spam filters each day.

Of those, some eight million are actually opened by the recipient, but only 800,000 click on the links — or about five per cent of those who received the emails.

About 10 per cent of those opening the link are fooled into providing confidential information — which represents a worldwide haul of 80,000 credit-card numbers, bank accounts, passwords and other confidential information every day.

“Don’t get phished!,” says the federal website, “Phishing emails often look like real emails from a trusted source such as your bank or an online retailer, right down to logos and graphics.”

The department has some 5,000 employees, about half of them lawyers.

Just Posted

Blackfalds firefighter battling cancer

A volunteer firefighter in Blackfalds for 15 years, Dave Sutherland now battling… Continue reading

Red Deer transit users are concerned about the future

But recreation centre users are glad facility hours were maintained

Community cardiac awareness dinner and show to be held

Continued focus to bring cardiac catheterization lab to Red Deer

Red Deer businesses react to 2.02 per cent tax increase for 2018

Chamber would prefer zero increase, while DBA thinks it’s reasonable

Bring on the rodeo says Red Deer County mayor

Canadian Finals Rodeo’s move to Red Deer good for whole region, says Red Deer County Mayor Jim Wood

WATCH news on the go: Replay Red Deer Jan. 21

Watch news highlights from Red Deer and Central Alberta

RDC chosen to host 2019 men’s volleyball national championship

Sports enthusiasts in Red Deer will have more to look forward to… Continue reading

Police is still looking for Second World War army passport owner

No one has claimed a rare Second World War German army passport… Continue reading

DJ Sabatoge and TR3 Band kick off Sylvan Lake’s Winterfest 2018

Central Alberta’s youngest DJ will open for TR3 Band kicking off Town… Continue reading

Two Canadians, two Americans abducted in Nigeria are freed

Kidnapping for ransom is common in Nigeria, especially on the Kaduna to Abuja highway

WATCH news on the go: Replay Red Deer Jan. 21

Watch news highlights from Red Deer and Central Alberta

Liberals quietly tap experts to write new paternity leave rules

Ideas include creating an entirely new leave benefit similar to one that exists in Quebec

Insurers say Canadian weather getting hotter, wetter and weirder

Average number of days with heavy rain or snow across Canada has been outside norm since spring 2013

Are you ready for some wrestling? WWE’s ‘Raw’ marks 25 years

WWE flagship show is set to mark its 25th anniversary on Monday

Most Read


Five-day delivery plus unlimited digital access for $185 for 260 issues (must live in delivery area to qualify) Unlimited Digital Access 99 cents for the first four weeks and then only $15 per month Five-day delivery plus unlimited digital access for $15 a month