The IMIT Information Security Office at the First Nations Health Authority (FNHA) is advising First Nations Communities to be wary of emails that appear to come from FNHA employees, but are potentially malicious.
The emails will often come from somebody whose name matches that of a genuine FNHA employee, and may even contain the email address of that employee, but a close examination will reveal these are inauthentic.
Here is an example email header:
From: Jane Doe <email@example.com> Sent: Wednesday, March 2, 2022 9:03 AM To: Jane Doe <Jane.Doe@fnha.ca>
Although the name and email address in the “To" field contains a genuine FNHA email, the sender in the “From" field shows that it is coming from an organization not associated in any way with the FNHA.
This tactic is often called “spoofing," where someone deceives victims over the Internet by pretending to be someone they are not by using the name or email of a trusted organization.
Spoofing hackers can often trick victims into turning over personal information or paying for products and services as a form of financial fraud.
Communities need to be aware of any emails containing FNHA email addresses that refer to payments, invoices, money transfers etc. that contain just a .zip file and password with no other context. There is a high likelihood a hacker is trying to defraud you for money or gain access to your environment.
Communities should verify the sender's email address is actually from an FNHA employee before taking any action, especially before clicking on a link or attachment or making payment on an invoice.
If you have any concerns that you may have inadvertently paid for an invoice sent by somebody not belonging to the FNHA, you should contact the Canadian Anti-Fraud Centre where you can also report a scam or fraud.