Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    MacEwan University Victim Of $11.8M CEO Fraud

    macewan-university.pngCBC News reported that an Edmonton, Canada university was the victim of a $11.8 million CEO fraud attack after staff failed to call one of its vendors to verify whether emails requesting a change in banking information were legitimate.

    "MacEwan University discovered the fraud on Aug. 23 after the legitimate vendor, a construction company, called to ask why it hadn't been paid. Three payments were made to the fraudulent account: one on Aug. 10 for $1.9 million; another on Aug. 17 for $22,000 and a third on Aug. 19 for $9.9 million.

    Most of the money — more than $11.4 million — has been traced to accounts in Montreal and Hong Kong, the university said in a news release Thursday."

    This is a typical case where accounting employees were not trained using new-school security awareness training which includes frequent simulated social engineering attacks.

    The funds have now been frozen, the university said, adding it is working with legal counsel in Montreal, London and Hong Kong to pursue civil action to recover the money. The status of the rest of the missing money isn't known.

    University spokesperson David Beharry said the scammers sent emails that looked legitimate. "A domain site with the authentic logo was sent," Beharry told reporters. "The individual asked us to change banking information from the vendor. That information was changed." 

    Advanced Education Minister Marlin Schmidt said in a statement he found it unacceptable that the university fell victim to this scam.  He's asked the chair of MacEwan's board of directors to report by Sept. 15 about how this could have happened. 

    "While I'm told that MacEwan has put improved internal financial controls to help prevent it from happening again, I expect post-secondary institutions to do better to protect public dollars against fraud," Schmidt said in a statement.

    "That's why I've instructed all board chairs to review their current financial controls." Full story here.

    CEO-Fraud-Pages.jpg

    CEO Fraud Prevention Manual Download

    CEO fraud has ruined the careers of many executives and loyal employees. Don’t be next victim. This brand-new manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

    Click Here To Download The Manual

    PS: Don't like to click on redirected buttons? Copy and paste this link in your browser:

    https://info.knowbe4.com/ceo-fraud-prevention-manual

     

    Return To KnowBe4 Security Blog

    Topics: CEO Fraud

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews