A Canadian University Gave $11 Million To a Scammer

A Canadian university transferred more than $11 million CAD (around $9 million USD) to a scammer that university staff believed to be a vendor in a phishing attack, a university statement published on Thursday states. From a report: Staff at MacEwan University in Edmonton, Alberta became aware of the fraud on Wednesday, August 23, the statement says. According to the university, the attacker sent a series of emails that convinced staff to change payment details for a vendor, and that these changes resulted in the transfer of $11.8 million CAD into bank accounts that the school has traced to Canada and Hong Kong. The school is working with authorities in Edmonton, Montreal, London, and Hong Kong, the statement reads. According to the university, its IT systems were not compromised and no personal or financial information was stolen. A phishing scam is not technically a "hack," it should be noted, and only requires the attacker to convince the victim to send money. The school's preliminary investigation found that "controls around the process of changing vendor banking information were inadequate, and that a number of opportunities to identify the fraud were missed."

Re:How is this any different?

[Mitreya]

Not really any different than all the shysters applying for grants for research projects at any University and providing bullshit results for the funding and additional funding?

Eh? Have you ever applied for a grant?

1) Grant application goes through a peer review -- so at the very least you need to convince ~5 peers and at least 1 program officer that your research is worthy of funding.
2) 95% of money goes to the university and to students or postdocs (professors can only pay themselves in the summer for up to 2 months at most)
3) You have to do annual reports, follow a bunch of rules on anything you buy, fill out an ungodly number of conflict-of-interest forms.

I could go on. But it is really, really different from just getting the money, I assure you.