Got a nasty surprise when I looked at my bank account Saturday.
My end-of-the-month pay cheque wasn't there. Well, that's odd, I thought to myself. Better contact our accounting person right away and find out what's going on.
'You told me you changed your bank account and wanted your direct deposit put in the new account,” the response came. “I'll send you your email.”
“What!?!” came mine.
To make a long story short, last Tuesday, unbeknownst to me, an email with my name in the address bar showed up at our accounting department asking that my pay be put into a different account. After being asked for my new bank account information, my doppelganger promptly sent back a completed direct deposit form and into that account went my pay cheque.
Needless to say, a deeply troubled weekend passed while waiting for the bank to open Monday so I could clear up this mess.
Who is this alternate Mike Bryant? What does he know about me, the real Mike Bryant? Is he taking out credit cards in my name? Booking flights to Las Vegas? What sordid and unspeakable things are being plotted under my name?
Come Monday morning I was deeply relieved to find out there was no dummy Mike Bryant account to go along with the dummy email. There was a bank account alright but not under my name. The bank, after freezing the account, wouldn’t tell us who it belonged to but did confide that my money was deposited into an account in Nanaimo, B.C.
While it’s relieving to know my personal information – at least as far as I can tell, thus far – has not been compromised, I am left wondering why we're only finding out about this problem now.
A quick Google search turned up dozens of articles on this very scam, many of them dating back to March or April of this year. These reports indicate that company executives – I’m no Paul Godfrey but I suppose I loosely qualify in this regard – are targeted because their HR departments are less likely to question an email purportedly arriving from at or near the top. We figure that the culprit/culprits merely had a look at our company masthead and picked their target accordingly.
I’m just putting it out there, but you know, if our local bank branches were to forward us the odd press release warning the public of these kind of things, we’ll happily report it. We have newspapers, a website, and several well-visited social media pages to trumpet all the latest news.
But perhaps all this online banditry is too overwhelming. The amount of larcenous trash that daily fills my spam box is wearisome if not little depressing. For every five or six comments submitted to us to be included with our stories on the website, one will be from a bot trying to fool editors into publishing it. It will invariable contain links directing people to a scam site.
Few institutions appear invulnerable to getting duped at least once and a while. The Nunavut government was brought to its knees last month because somebody opened a link in an email that contained a ransomware virus that when launched, immediately begins to encrypt files. Something similar happened to us in 2015.
The GNWT Department of Health and Social Services was the victim of two cyber attacks the previous week. And as you may have read in News/North this week, our website endured nearly 1,500 bot attacks last week.
Big or small, at the heart of every institution are people. They’re busy, distracted or just plain oblivious. It’s a game of averages and the scammers know it.
Imagine what it would it be like if all these people scamming and scheming on the internet were to put their minds and energy toward something useful to society. And what a wonderful world it would be.