We understand the specialized markets in which you operate and provide tailored solutions to meet your unique business needs.
Our comprehensive suite of business services combines industry expertise, market knowledge and professional insights.
MNP is a leading national accounting, tax and business consulting firm in Canada.
Suite 2000, 330 5th Ave. S.W.
Submit an RFP
MNP careers are Different by Design. As an entrepreneurial firm, we truly believe there are no limits to where your career can go.
Email phishing is a common practice by cyber criminals to obtain personal information via a fabricated communication. This email can be from an individual or entity pretending to be a familiar, legitimate and trustworthy source viz-a-viz an employee within an organization, an organization you work for, financial institutions, government agencies, and /or popular businesses.
The message is sent out to trigger an immediate response from the reader by prompting to click on the link in the email, downloading and opening an attachment or fulfilling an information request. The purpose of email phishing is to collect personal, financial and sensitive information, breach information security and data, download virus or pose a ransomware attack. This information is used for various purposes including identity theft, fraudulently obtaining funds, and gaining access to business data and network.
Who are the Targets
Any individual or organization, irrespective of its nature and size, can be a victim of email phishing. This can include government agencies, financial institutions, service organizations including airlines, hospitality, and healthcare groups, IT firms, and professional firms and businesses.
Cyber attacks through phishing scams can bring with them media attention and can cause embarrassment to businesses. The cost of repairing a business’ reputation cannot be gauged but some post-attack costs can include IT costs to reinstate the compromised system, legal costs for suit actions against the spammer and costs to defend suit actions from the affected parties. You can also add operational disruption costs and other related support costs.
Recently, a television personality was a victim of an email phishing scheme involving close to $400,000. The “Shark Tank” judge’s bookkeeper approved an email for authorization of payment towards a real estate renovation. The media personality was an avid real estate investor and it was not unusual for the bookkeeper to receive such emails. The email address used by the scammer seemed to belong to the personality’s assistant as it was intentionally misspelled by one letter.
In another instance, thousands of bank and credit card customers received a phishing email directing them towards fake financial institution websites. They were prompted to enter bank login details including account numbers and passwords which lead to their private data been compromised. The scammers were able to steal about $1.5 million from thousands of credit cards and bank accounts.
Be Alert for Red Flags
A phishing email may be too true to believe and seek an impulsive response involving urgency and emotions. The email may request for confirmations, updates and / or validation of account information. Such scams include a notice your email password will expire soon, request you link to change the email password, or participation in a survey, filling out a form. Other common scams include email with malicious links disguised from Center for Disease Control and Prevention (CDC) and the World Health organization (WHO), donation requests from fake charities to fight pandemics, Canada Revenue Agency tax payment requests, requests for payment authorizations, winning free trips, promise of money, threat regarding loss of money and so on.
The senders’ email address and / or name may be misspelled and at times with only one letter to seek reader’s confidence. For example: “Emailphishiing” or “Emailphishiing.com.”
If you believe that you have received a phishing email on your official email address or have already responded to it, report to the IT department within your organization and concerned authority including your financial institution or government agency.
Contact Robert Fowlie, Partner, Forensics Leader, Toronto, at 416.515.3802 or [email protected]
Suite 2000, 330 5th Ave. S.W.
Find an office near me