Friday, 29 Nov 2024

Saskatoon may never see $1 million returned in ‘digital pandemic’: expert

If $1.04 million stolen from Saskatoon city hall went overseas, taxpayers will likely never see it again, according to a cyber-security expert.

On Thursday, Saskatoon city manager Jeff Jorgenson told media how a fraudster impersonated a construction company’s chief financial officer for weeks and got away with the money.

Ryan Vestby is the CEO of Edmonton-based CompuVision Systems Inc., which works with companies to guard against cyber theft.

“My understanding of the Saskatoon case [is] they did not catch this quick enough, and the money, if it’s outside the walls of Canada, it is as good as gone,” Vestby said.

Cyber theft happens on a daily, if not hourly basis in the private sector, Vestby said, though many companies choose to keep quiet.

“I would almost call [it] a pandemic – a digital pandemic that’s happening where you’re seeing this more and more,” Vestby said.

The theft in Saskatoon is believed to be a case of phishing, where imposters target a victim, manipulate the victim into providing sensitive information and then use the information to steal money.

Saskatoon’s misfortune comes one year after a cyber-bandit impersonated the City of Ottawa’s city manager and fooled the city treasurer into transferring the equivalent of $128,000 to a fake account.

Two years ago, MacEwan University in Edmonton fell victim to a phishing scam to the tune of near $12 million – though it managed to recover the bulk of the funds.

An internal auditor is looking into the Saskatoon city hall theft. Saskatoon police are investigating as well, though the probability of recovering the money isn’t known yet, according to police spokesperson Alyson Edwards.

If the RCMP isn’t already investigating the Saskatoon case, Edwards said the national police agency will be at some point.

Cyber thieves are issuing fewer error-laden messages, which means spam filters can’t catch all the phoney messages, according to police.

“It’s impossible to keep up to their sophistication, and around the world, people are falling into their traps, unfortunately,” Edwards said.

Saskatoon has filed an insurance claim for the lost money. Vestby recommends corporations pay for insurance specific to cyber theft.

To train its employees and those of its customers, CompuVision conducts “ethical phishing,” where it sends out false emails, tracks how many people fall for them and then trains people how to avoid the real thieves.

Canadians, in particular, are often targeted through phishing, according to Vestby.

“We’re friendly, we’re open [and] we’re trusting. We have all of these traits that are perfect for cybercriminals,” he said.

For the Canadian Taxpayers Federation (CTF), the Saskatoon fraud is frustrating, but a reality of life.

“We always have good debates about what’s the best use of tax dollars, but nobody wants to see it lost through crime,” CTF prairie director Todd MacKay said.

“That’s the worst.”

Source: Read Full Article

Related Posts