{"id":4388,"date":"2017-09-02T18:33:20","date_gmt":"2017-09-02T13:03:20","guid":{"rendered":"https:\/\/qadit.com\/blog\/?p=4388"},"modified":"2017-09-02T18:33:20","modified_gmt":"2017-09-02T13:03:20","slug":"canadian-university-scammed-out-of-11-8-million","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/canadian-university-scammed-out-of-11-8-million\/","title":{"rendered":"Canadian university scammed out of $11.8 million"},"content":{"rendered":"<div>\n<div class=\"entry-content\">\n<p>MacEwan University in Edmonton, Alberta, is the latest confirmed victim of scammers.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/ift.tt\/2wsRaAw\" class=\"aligncenter\" alt=\"university scam\"><\/p>\n<p>\u201cOn Wednesday, August 23, MacEwan University discovered it had been the victim of a phishing attack. A series of fraudulent emails convinced university staff to change electronic banking information for one of the university\u2019s major vendors. The fraud resulted in the transfer of [Canadian] $11.8 million to a bank account that staff believed belonged to the vendor,\u201d the Canadian university <a href=\"https:\/\/ift.tt\/2vxxAGj\" target=\"_blank\">shared<\/a>.<\/p>\n<p>After the fraud was discovered, the university conducted an audit of business processes through its internal audit group and with the help of outside experts.<\/p>\n<p>\u201cPreliminary assessment has determined that controls around the process of changing vendor banking information were inadequate, and that a number of opportunities to identify the fraud were missed,\u201d they noted.<\/p>\n<p>Since them, additional controls were put in place to prevent further incidents.<\/p>\n<p>Once the fraud was discovered after the real vendor complained of non-payment, the accounts to which the funds were sent were traced to Canada and Hong Kong, and local law enforcement agencies were contacted. <\/p>\n<p>Corporate security units of banks involved with the e-transfers were also notified, and they managed to freeze the funds. The university is working with legal counsel in Montreal, London and Hong Kong to pursue civil action to recover the money.<\/p>\n<p>No further details about the phishing attack were revealed, but it\u2019s obvious this is a variant of the business email compromise <a href=\"https:\/\/ift.tt\/21bJmuU\">(BEC) scam<\/a>: the so-called \u201cpayment instruction switch\u201d or \u201cthe supplier swindle.\u201d<\/p>\n<p>\u201cThere is never a good time for something like this to happen,\u201d said university spokesman David Beharry, \u201cbut as our students come back to start the new academic year, we want to assure them and the community that our IT systems were not compromised during this incident. Personal and financial information, and all transactions made with the university are secure. We also want to emphasize that we are working to ensure that this incident will not impact our academic or business operations in any way.\u201d<\/p>\n<p class=\"hnst-tag-specific-content\">\n<\/p><\/div>\n<\/p><\/div>\n<p><b>Read the Full Article here: <a href=\"https:\/\/ift.tt\/1LoKdAd\">&gt;Help Net Security &#8211; News<\/a><\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>MacEwan University in Edmonton, Alberta, is the latest confirmed victim of scammers. \u201cOn Wednesday, August 23, MacEwan University discovered it had been the victim of a phishing attack. A series of fraudulent emails convinced university staff to change electronic banking information for one of the university\u2019s major vendors. The fraud resulted in the transfer of &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/qadit.com\/blog\/canadian-university-scammed-out-of-11-8-million\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Canadian university scammed out of $11.8 million&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[293],"class_list":["post-4388","post","type-post","status-publish","format-standard","hentry","category-itsec","tag-wonder-information"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-18M","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4388","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=4388"}],"version-history":[{"count":1,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4388\/revisions"}],"predecessor-version":[{"id":4389,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4388\/revisions\/4389"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=4388"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=4388"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=4388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}