The Royal Canadian Mounted Police in Nova Scotia has issued a stark warning to businesses across the province about a significant increase in sophisticated email scams targeting companies of all sizes.
Growing Threat to Business Security
Nova Scotia RCMP reported that business email compromise scams have been rising steadily throughout 2025, with criminals becoming increasingly sophisticated in their approaches. These scams typically involve fraudsters impersonating company executives or trusted vendors to trick employees into transferring large sums of money or revealing sensitive financial information.
The police force emphasized that these are not random attacks but carefully researched operations where scammers study their targets extensively. They often monitor company communications and organizational structures to make their fraudulent requests appear legitimate.
How the Scams Operate
According to RCMP investigators, the scams follow several common patterns. Criminals may compromise legitimate business email accounts through phishing attacks, then use these accounts to request urgent wire transfers from finance departments. Alternatively, they create nearly identical email addresses to those of company executives and send payment instructions to accounting staff.
The timing of these attacks is often strategic, occurring during busy periods or when actual executives are traveling and less accessible for verification. The criminals create a sense of urgency to bypass normal security protocols and verification processes.
Protection and Prevention Measures
RCMP recommends that businesses implement multiple verification steps for financial transactions, particularly those requested via email. Companies should establish clear protocols requiring secondary approval through different communication channels, such as phone calls to verified numbers, for any payment instructions or changes to vendor information.
Other protective measures include implementing multi-factor authentication on all business email accounts, conducting regular employee training on recognizing phishing attempts, and maintaining updated cybersecurity software. Businesses should also monitor their financial accounts regularly for suspicious activity.
The Nova Scotia RCMP encourages any business that suspects it has been targeted by such scams to contact local police immediately and report the incident to the Canadian Anti-Fraud Centre. Quick reporting can sometimes help recover funds and prevent further victimization of other businesses.
