A clever phishing attack averted on Canada Day | U7 SOLUTIONS
NEW POST! Maximizing Social Media for Non-profit Success in 2024
NEW post! Maximizing Social Media for Non-profit Success in 2024

Chat with a marketing expert to...

  • Enhance your online presence
  • Optimize your site for conversions
  • Get help with complex tools
  • Build a smart online strategy
  • Implement cost-effective solutions
  • Measure and track success

    Want a customized strategy to drive your impact online?



    Our experts will analyze your website to identify your current marketing efforts.

    How big is your marketing team?

    Our experts will analyze your website to identify your current marketing efforts.

    What is your biggest challenge?


    We want to understand the difficulties you're facing.

    What is your monthly marketing budget?


    This helps us scale your plan appropriately for your budget.

    Congrats!

    You are one step away from your custom online strategy.

    How would you like to implement your new strategy?


    We want to give you a strategy and action plan that you can easily implement with your current resources.

    Your custom strategy is getting prepared!






    STEP 1 / 6

    A clever phishing attack averted on Canada Day

    Members on my team received this email message from ‘’me’’, on Canada Day, out of all days…

    Phishing email

    This was a phishing attempt.

    Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.

    That email was sent from an impersonator, their email being i@verrizone.com whereas my email is jayson.peltzer@u7solutions.com.

    Gmail actually recognized the attack for most of my other team members and flagged the email with this big yellow warning sign:

    Phishing email 2

    In this case, the email was sent from “u7solutions@workmail.com” which as well is NOT my email address, but much more misleading and tricky since it has our business name in it.

    Most people on my team who received this did NOT reply, largely thanks to this warning sign, and to their technology background.

    But ONE person did.

    Sadly, she received the email without the yellow warning sign. She is also an administrative assistant, therefore the request was more fitting for her role with our company.

    The conversation went like this:

    Employee: Hi Jayson, you can text me at *number*

    Phisher: Hi, I'm in a meeting, but I need you to do me a favor and pick up some gifts cards for me to give to clients.

    Employee: OK, I'm at the airport, but I can see if they have any here and mail them if you tell me who I should send them to. Or, I could order them on Amazon and have them sent directly to your place...

    Phisher: I was thinking you could get them at a physical store, I don't mind if you complete this after your flight. What I need is a Google Play Card of $500 face value. I need 2pcs of the card. That's $500 X 2, $1000 in total. The budget is $1000, Just in case you can’t find them in 500’s face value, you can also get them in 100’s (10pcs). Kindly purchase the physical cards at the store, scratch the back out and text me pictures of the codes. Thank you.

    After receiving this message she knew something was up and messaged me on Google Chat, where most of our team members communicate.

    Luckily, she did not go through with any requests and blocked them after confirming with me that it was indeed a phishing attack.

    ChatsConvo

    She told me later, “If the Phisher hadn't been greedy, and if he/she hadn't asked me to just text the codes I might have fallen for it.”

    I quickly made use of our “team” email list to send a warning to NOT to respond to the attack.

    Had it not been for Gmail’s yellow flagging, it’s very possible that more team members would’ve missed the dodgy sender’s email address.

    Scott Wright, a friend of mine who owns a cyber security company called Click Armor, says it is similar to the kind of attack suffered by the City of Ottawa’s Treasurer, when $100,000 was sent to an account, based on the impersonation of her boss, the City Manager.

    He adds, ‘’They will be successful with many of these attacks, especially with organizations that don’t have sophisticated gateway filters such as the one in Gmail. So, despite being able to avoid the threat this time, you do need to keep your team sharp, and on the lookout for suspicious inquiries. There will always be more coming.’’

    We take security on the web really seriously, which is why we want to share this personal story to grow awareness.

    At U7 Solutions, we work hard to prevent that our client websites from being hacked. Security is always a top concern of ours. In fact, we have a whole series of security items we apply to each website so that we can be as proactive as possible.

    But, sometimes security breaches go beyond technology and are at the human level. This experience was just that, it was a corporate hack. Given that most members on my team are web developers and very tech savvy, we weren’t the easiest target to trick.

    However, if you believe that your business would benefit from training or a workshop on cyber security, I strongly recommend contacting Scott from Click Armour. His company is designed to address this ongoing reality of constantly evolving threats to businesses, which target employees. He is making it more fun to do that, and more effective for managers to monitor their proficiency through various programs and workshops.

    Read more here: https://www.clickarmor.ca/ and stay vigilant!

    If you’re interested in moving your business email system over to Google Suite, then contact me directly at jayson.peltzer@u7solutions.com

    Members on my team received this email message from ‘’me’’, on Canada Day, out of all days…

    Enjoy this article? Don't forget to share

    Let's chat about your goals

     

    OR tell us more about you

      Book a free consult

      Ready to speak to an expert? Fill out the form below and we’ll get in touch with you soon.

        Swipe up for expert help!

        get a proposal
        20% off for nonprofits and agency partners