Company 
Team 
League Partners 
Case Study
Company News 
Team Member Spotlight 
Managed IT Services
Cloud Hosting 
Co-Managed %201.svg){kind=icon}
Managed VOIP 
Managed Security Services 
Data Backup + Disaster Recovery 
Security Assessment 
CMMC Compliance 
SharePoint
Power BI
Web Design + Hosting
Application Development
Businesses 
Municipalities 
Local Government Services 
Healthcare
Manufacturing
Aerospace and Defense
Case Studies
Guides
News
Events
Municipalities
Healthcare
Managed IT Services
Compliance
Cybersecurity
In response to Grant MacEwan University and the 11.8M dollar phishing attack
Unfortunately, this is the new normal when it comes to cyberattacks. Unless we invest far more into educating our employees on how to spot these types of scams, the scammers will ultimately win.
Phishing can be a very lucrative way for criminals to steal money. This week alone, we have fielded 5 attempts of this nature to our own VC3 client base. Luckily, our process has allowed us to be quite successful with the breaches we've had to deal with.
These types of attempts targeting the user are becoming the new normal, but they don’t have to be. Most of these cyber scams are very much preventable since it has to do with human behaviour and not expensive technology.
This is how these attacks are growing. It is hitting industry after industry and all because organizations are forgetting one simple thing.
Education.
All the technology in the world won’t protect your data or bank accounts if someone just opens the front door for criminals.
The problem in phishing attempts is us, the humans. It's like an egg. The hard outer shell of tech with a soft gooey middle of uneducated staff.
The most effective solution is to educate staff and continually test them.
As with technology, there is always innovation. There is a new layer evolving that is intended to detect and remediate anomalies in the network. This uses artificial intelligence to flag a phishing email, detect unusual behaviour, or lock down a stolen login. However, this isn’t quite ready yet and is still being tested.
Again, education is the key to keeping a threat like this from hitting home. Protect and educate yourself. Educate. Test. Repeat.
I feel for the folks involved in this latest scam, and I hope the University takes something from this incident and turns it into something they know a great deal about, educating people.
Examples of Phishing Emails
Phishing emails appear to come from a reputable source. Some common ones include Canada Revenue Agency, PayPal, Apple, DocuSign, vendors you may work with, or even your bank. They generally look very authentic and include logos, and the sent-from address looks to be from that organization. They include a link to another site.
Some phishing emails ask you to send money. They will look like they come from someone you know (even someone from work) as they spoof the from email address.
Here are two examples of actual phishing emails received, with some notes in red.
