Skip to content

City of Richmond warns of phishing emails mimicking city correspondence

The city said it locked down the system quickly after being notified by the public of strange emails.
web1_email-intrusion

The City of Richmond is warning the public of unsolicited emails they might receive after what appeared to be an external “intrusion” into its email system.

After hearing from a number of residents about strange phishing emails that were mimicking city emails and information in them, the city has hired a cyber-security company to help them tackle the issue.

“We were able to lock it down quickly,” said city spokesperson Clay Adams.

It doesn’t appear, however, the intrusion went farther than the email system, and no one’s financial information should be compromised, Adams added.

The emails sent to various people appear to be an attempt to install malware onto people’s computers.

Martin van den Hemel received one of these emails, referring to a ride-hailing business he used to work for. The email appeared to be from a previous city employee who used to be the director of bylaws but who left the city two years ago.

The email contained very specific information about tickets issued to raid-hailing drivers and how they could be resolved – information was supposedly in an attachment.

When he checked the actual address of the email purporting to be from the city, however, he noticed it wasn’t a city email.

Any email from the city will be from a “@richmond.ca” email, Adams explained. The city is warning people not to click on any links or download files from any emails that appear to be from the city but aren’t from a @richmond.ca address.

The warning was posted on the home page of the city’s website this week.

“The City is aware that some people are receiving unsolicited emails claiming to be from the City or municipal officials. These emails are not legitimate. Our security teams are engaged and working to resolve this situation as quickly as possible,” reads the warning.