![\"\"](\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2020\/07\/Canary0-300x133.png\")
<\/p>\nAn email account at one of UVic’s suppliers was compromised.\u00a0 The attacker accessed the email account at the supplier and attempted to have staff at UVic send payment to a bank account owned by the attacker via wire transfer.<\/p>\n
While the staff person in this particular department did not immediately suspect a fraud attempt, they eventually called the supplier contact and confirmed with the supplier that they did not send those emails.\u00a0 No payment was sent.<\/p>\n
Below are redacted screenshots of emails sent by the attacker.\u00a0 If you receive similar emails, contact your supplier using a phone number you already have on file, inform UVic Accounting, and contact the Information Security Office.<\/p>\n
This is the initial contact from the attacker:<\/p>\n
<\/p>\n
The attacker starts to get demanding here:<\/p>\n
![\"\"](\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2020\/07\/Canary1-300x101.png\")
<\/p>\n
And finally, the attacker forgets that improper spelling and grammar is a strong indicator that something is wrong:<\/p>\n
![\"\"](\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2020\/07\/Canary2-300x98.png\")
<\/p>\n","protected":false},"excerpt":{"rendered":"
An email account at one of UVic’s suppliers was compromised.\u00a0 The attacker accessed the email account at the supplier and attempted to have staff at UVic send payment to a bank account owned by the attacker via wire transfer. While the staff person in this particular department did not immediately suspect a fraud attempt, they … Continue reading Invoice Payment Redirection<\/span><\/a><\/p>\n","protected":false},"author":701,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-199","post","type-post","status-publish","format-image","hentry","category-uncategorized","post_format-post-format-image"],"_links":{"self":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/199","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/users\/701"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/comments?post=199"}],"version-history":[{"count":3,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/199\/revisions"}],"predecessor-version":[{"id":205,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/199\/revisions\/205"}],"wp:attachment":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/media?parent=199"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/categories?post=199"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/tags?post=199"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}