**** Canadian Anti-fraud Centre Release
Spear phishing scams involve scammers pretending to be from legitimate sources to convince businesses or individuals to send them money. These scams leverage existing relationships between the person receiving the email and the person sending it. The sender’s address appears to be the actual email address of the source they’re pretending to be, a tactic known as spoofing. Many variations have been reported to us, including:
- Business executive spoofs
- Financial industry client spoof
- Head office spoof
- Payroll spoof
- Supplier/contractor swindle
Business executive spoofs
Gift card variation
A scammer sends an employee an email that appears to come from the owner, the president or another high-ranking employee. The email claims the boss is working offsite and needs help to buy gift cards for employee rewards or birthday gifts.
Wire transfer variation
In this variation, the email directs the employee to send an urgent, large wire transfer (e.g., more than $100,000) to a foreign account.
Financial industry client spoof
A scammer targets financial institutions, investment brokers and financial dealers with a spoofed email that appears to come from an existing client. The email directs the business to do an urgent wire transfer, usually to a foreign account.
Head office spoof
A scammer calls a franchise business and claims be from the head office. They tell the employee who answers the phone that there are problems with one of the financial products offered, such as gift cards or money transfer services. They ask the employee to select some prepaid cards, activate them, and provide them to the scammer. The scammer may also ask them to conduct a series of money transfers.
Payroll spoof
A scammer sends an email that appears to come from an existing employee. They request a change to the employee’s direct deposit information. This tricks the company into depositing the employee’s paycheque into a fraudulent account.
Supplier/contractor swindle
A scammer targets businesses that have an existing relationship with a supplier, wholesaler or contractors. They send a spoofed email informing the business of a change in payment details. The email provides new banking information. It requests that the business make future payments to this “new” account.