An Alberta university says it has been defrauded of $11.8-million in a so-called phishing attack, admitting it didn't have safeguards in place as staffers unwittingly paid out millions of dollars online.
"This is an administrative error," David Beharry, spokesman for MacEwan University, said Tuesday.
"We have ensured that there will now be a secondary and tertiary level of approval."
Beharry was asked why safeguards were not in place beforehand.
"That is something we are seriously looking at," he said.
He said the scam occurred when fraudsters created a website that resembled the domain site of one of the university's major vendors.
Using that site, the fraudsters impersonated the vendors, asking the university to transfer accounts payable to a new bank account the fraudsters controlled.
Three staffers at MacEwan made three payments to the bogus account over a nine-day period ending Aug. 19. The university paid out $1.9-million, $22,000, and finally $9.9-million.
The university did not realize what had happened until days later when the vendor called asking to be paid.
https://beta.theglobeandmail.com/news/alberta/albertas-macewan-university-scammed-of-118-million-in-phishing-attack/
>>173927
Shit, I go there.