, in which someone pretending to beAttack.Phishinga bank sendsAttack.Phishingan email or text message , hoping to trickAttack.Phishingyou into enter or re-enter account information or a credit card number . What hit MacEwan was a spear phishing attackAttack.Phishing, in which scammers impersonateAttack.Phishinga client or associate of the individual . In this case , the fraudster had cut-and-pasted the actual vendor ’ s logo , MacEwan spokesman David Beharry said . A phishing attacker will often cast several luresAttack.Phishing; in this case , investigators said 14 different Edmonton-area construction sites or firms were impersonatedAttack.Phishingas part of this attempt . The successful trickAttack.Phishingled to financial transfers equivalent to more than five per cent of the publicly funded school ’ s 2016 operating budget , according to records . This inflicted vastly more damage than the last well-documented online scam to successfully target an Alberta post-secondary school : last year , University of Calgary paidAttack.Ransom$ 20,000 in what ’ s known as a ransomware attackAttack.Ransom, in which cyberattackers manage to lock or encrypt network data until the victim pays upAttack.Ransom. While MacEwan is confident it can recoup the amounts already frozen , it will also incur legal fees on three continents as it tries to do so , Beharry says . Edmonton ’ s second-largest university knew enough about this problem to launch its own phishing awareness campaign last school year for staff and students , posters and all . Now , the school itself will become a cautionary tale about the perils and pratfalls of spear phishing cyberattacksAttack.Phishing. With this ugly incident , MacEwan University becomes a cautionary tale of another sort : financial controls . These were not high-level employees ensnared by this phishing attackAttack.Phishing, the school spokesman says , though he did not identify them or clarify how the three employees were involved . From now on , one fraud and $ 11.8 million later , such vendor banking information changes will need to go through a second and third level of approval at MacEwan before the final clicks or keystrokes occur .
There ’ s a new LinkedIn scamAttack.Phishingdoing the rounds , involving phishing emails and a fake website designedAttack.Phishingto harvest the information you have in your CV . In the first stage of the scam , you receiveAttack.Phishinga phishing email disguised asAttack.Phishinga LinkedIn email . Here are just a few of the giveaways that this is a phishing email : Clicking either of the two links in the spam email will send you to https : //linkedinjobs ( dot ) jimdo ( dot ) com . We scanned the link with VirusTotal , and most of the security solutions found it to be clean , with the exception of a less well known scanner , AutoShun . Clicking on the website itself will take you to a simple page , where the main focus falls on a form for uploading your CV . Your CV contains a wealth of personal data which a cybercriminal uses to make a profit at your expense . Phone numbers can be sold for companies doing promotional cold calling . Or , the cybercriminal might call you himself in a vishing attackAttack.Phishing. Sometimes however , the attacker targets a company you worked at ( or a future company you want to work for ) . Using the information found within your CV , the attacker might impersonateAttack.Phishingyou in order to launch spear phishing emails against people in those companies , such as the CEO or the accounting department , in order to illegally obtain funds or money transfers . In 2016 for instance , the CEO of an Austrian airplane component manufacturer was fired after he got trickedAttack.Phishingby a spear phishing attackAttack.Phishingthat led him to transfer around 40 million euros to the scammer ’ s account . This isn ’ t the first time LinkedIn has been used a cover for a phishing campaignAttack.Phishing. Another similar situation was encountered in 2016 , which we also covered . It ’ s difficult ( if not impossible ) for companies alone to prevent these scams from taking place . In these cases , users too should contribute to keeping the Internet safe . In cases involving LinkedIn , the best course of action is to report these to the company : LinkedIn itself also offers a thorough set of tips and advice on how to recognize various scams over the network , such as inheritance or dating scams . When you ’ re actively searching for a job , being offered one in such a compelling tone might seem appealing . Because you expect to receive such messages ( indeed , you welcome them ) you ’ re tempted to let your guard down , and that ’ s exactly when a scammer strikes .