Protecting the information of our clients, employees and partners is of the utmost importance to us.
Not only are companies seeing an ever-growing number of cyberattacks, individuals too are targeted by various schemes which seek to obtain access to their personal data.
We want to give you tools to develop good IT security habits. These tools were inspired by experts in the field.
One click away from your personal data
You have probably at one time or another received an email or text message telling you that, following a government tax cut announcement, you are entitled to a sum of money. Or you may have received a message from FedEx asking you to pay to receive a package… which you probably never ordered. These are all phishing attempts.
In 2022 alone, the Canadian Anti-Fraud Centre received fraud and cybercrime reports totalling a staggering $530 million in victim losses. Nearly a 40% increase from the unprecedented $380 million in losses in 2021.[1]
How to recognize a phishing attempt?
- Phishing attempts[2] usually take the form of an email or text message containing a hyperlink that you must click on or an unknown attachment to download (PDF, image, Word file, photo, etc.).
- The sender of the message is often unknown to you and addresses you with a general salutation such as “Madam, Sir” or “Dear customer.”
- The message asks you to confirm certain personal information, citing various reasons: to avoid closing a bank account, to reschedule the delivery of a package, to confirm a subscription, etc.
- The message often conveys a sense of urgency to encourage you to act quickly. A threatening tone can also be used.
- The signature line is often very general, identifying the sender as being from the “IT Security Division” or the “Customer Service Department.”
What to do if you are a victim of a phishing scam? [3]
✅ Change the compromised passwords |
You should also update all your accounts and use strong and unique passwords. Consider using passphrases made of four or more random words and 15 or more characters for extra security. |
✅ Enable multi-factor authentication |
Multi-factor authentication adds an extra layer of security to your accounts and devices. By requiring at least one other authentication method in addition to your password, this type of authentication validates that it is you who is trying to log in to your account, and not a scammer. This makes it harder for cybercriminals to access your data, even if they steal your password. |
✅ Call your financial institution |
If you gave out financial information (like a credit card number), contact your bank. This will allow you to recover lost funds and avoid any further losses, while monitoring your transactions. |
✅ Consider deleting your inactive accounts |
If cybercriminals gain access to your email or social media accounts, they can send phishing links to your contact list. Deleting or suspending your inactive accounts on these platforms may prevent them from doing so. |
✅ Check your device for viruses |
If the message contained a suspicious link or attachment, install antivirus software and scan your device for viruses that may have been downloaded. |
✅ Report the incident |
You can report phishing scams and other online fraud to the Canadian Anti-Fraud Centre or by dialling 1-888-495-8501. You should also report the incident to your local police department. |
Always be cautious and wary in your communications. When in doubt, be particularly cautious: the security of your data is essential!
André Daoud, B. Sc. A.
Vice-president, IT and Technology Management
[1]https://www.rcmp-grc.gc.ca/en/news/2023/fraud-prevention-month-2023-fraud-losses-canada-reach-historic-level
[2] https://www.ulaval.ca/cybersecurite
[3] https://www.getcybersafe.gc.ca/en/resources/what-do-if-you-are-victim-phishing-scam