Phishing scams that infect home computers and potentially allow hackers to invade bank and other accounts are preventable, but White Rock IT manager Chris Zota recommends computer users arm themselves with information and awareness. (AP Photo/Jenny Kane).

Refund emails from City of White Rock a ‘phishing’ scam

IT staff work to nullify security breach in ‘classic phishing campaign’

The City of White Rock is warning residents not to open an email sent to home accounts referring to a refund.

The email – purportedly from a city financial services account – is a ‘phishing’ scam, first revealed to the public in a post Wednesday on the city’s Facebook page, and on the city website. The city’s information technology staff were already at work to nullify impact of the false message as of Wednesday morning, the post noted.

‘Phishing’ is typically used to gather personal credentials of email users and can potentially be used by hackers to invade banking and other accounts.

Corporate administration director Tracey Arthur told Peace Arch News the fraudulent emails came to the city’s attention early Wednesday morning but no information on file with the city was compromised.

Responding to questions by email, city IT manager Chris Zota said that approximately 2,700 email messages had been sent out by the time the security breach was detected.

“We temporarily closed the affected user account, changed credentials, set up the user to use multi-factor authentication, investigated the breach (reviewed logs and settings), (and) reminded the user to employ proper cyber hygiene (using different passwords for different accounts),” Zota said.

He said, however, that no purpose would be served by attempting to assign blame for the breach, noting that “clever social engineering methods are employed to craft phishing campaigns designed to steal user credentials,” and that “this was a classic phishing campaign.”

“It’s important not to jump to any conclusions here to the effect that the user did something wrong,” he said. “We don’t know how these credentials were compromised.”

The best policy for the public is to “follow cyber best practices, awareness and education on the topic of cyber security,” Zota said.

“While employing the use of a good anti-malware software helps, I can’t stress enough the importance of education and awareness.”

He said a “simple yet effective overview of phishing” can be found online at phishing.org.

People can use also the site https://haveibeenpwned.com/ to see if their email accounts have been compromised, Zota suggested.

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Sources, City of White Rock launch Thanksgiving Food Drive

Volunteers, donations sought for annual food-bank initiative

Surrey man charged with series of break-ins in Surrey, Langley

David Sinh Liu is facing 10 charges related to seven recent break-ins

COVID-19 exposures at Surrey schools: An updated list

Fraser Health has created a new webpage listing COVID-19 cases in schools

Future of Massey Tunnel replacement in the air after snap election called

On Friday the ministry said it was identifying property ‘necessary for future infrastructure improvements’

COVID-19: 4 more deaths, 366 new cases in B.C. since Friday

A total of 8,208 people in B.C. have tested positive for COVID-19 since January

Group wants Parliament, courts to hold social media to same standard as publishers

Daniel Bernhard made the comments shortly after Friends of Canadian Broadcasting released a research paper

COVID-19 testing lineup wraps around block in Chilliwack

Testing lineup includes seniors, children and their parents as demand seems to surge

B.C.’s Chase Claypool catches first NFL touchdown pass

Abbotsford grad establishes new record for longest scrimmage TD by a Canadian

B.C. has highest number of active COVID-19 cases per capita, federal data shows

B.C. currently has 1,803 active cases after weeks of COVID-19 spikes in the province

Join Black Press Media and Do Some Good

Pay it Forward program supports local businesses in their community giving

181 days gone: Family continues to look for man last seen in RCMP custody 6 months ago

Brandon Sakebow’s last known location was leaving Mission RCMP cell, police say; family has doubts

Mission poker player missing in Nevada is found alive and safe

Brad Booth went missing in July 13, found in mid September

Most Read