Cybersecurity Blog

Alert – Mount Royal Target of Spear Phishing – 05/05/17

Mount Royal employees are being targeted in a new high impact email phishing campaign. What makes it so alarming?

  • The email sender is David Docherty and it appears to be coming from his Mount Royal email address.
  • It disguises its malicious intent by using a friendly tone and it doesn’t contain a link or attachment that usually accompanies a phishing email.

However, it should raise a red flag because normal payments are not requested this way. Take a look:


The personal information is blocked out to protect the user’s privacy.


How do you protect yourself against this type of attack?

  • Always pay attention when processing your emails.  Do not multitask.
  • Be familiar with your department’s procedures and processes. Anytime you receive an email that goes against those procedures or processes, you should contact the sender directly to confirm it’s legitimacy.

Remember, just because an email looks like it comes from someone you know, doesn’t mean it is. Just because an email doesn’t contain links or attachments, doesn’t mean it isn’t malicious.

Huge kudos to our people in Finance who identified this. You are our superheros!!