October is Cyber Security Awareness Month (Cyber Month) in Canada, and we at <company name> are proud to be working with Get Cyber Safe as champions to help Canadians stay safe online. Cyber Month is an important time to reflect, as individuals and as an organization, on how we can protect ourselves and our loved ones online. Here at <company name>, we know that phishing is one of the most common cyber threats affecting Canadians. That’s why we want to help all employees learn more about phishing and how to protect ourselves and the people in our lives.
Knowing how to spot a phishing message can be difficult if you aren’t sure what signs to look for. After all, cyber criminals are skilled at tricking their victims into giving up sensitive information.
That’s why the best way to fight phishing is to arm yourself with knowledge. Understanding phishing and the signs to look for will help you to protect your personal data from would-be cyber criminals.
Here are a few ways you can protect yourself from phishing scams:
Learn how to recognize the different forms of phishing
Most people are familiar with phishing emails or messages. But there are other types of phishing scams that are worth knowing about:
Smishing is a phishing attempt through SMS (text message).
Spear phishing is a hyper-targeted phishing attempt. In spear phishing scams, a message is designed to sound like it’s coming from a source you know personally.
Whaling is a phishing attempt aimed at a high-profile target. For example, they might target a senior executive or other high-ranking officials in an organization or government department.
Spoofing involves creating a fake website to get someone to share their personal information.
Get familiar with the signs of a phishing message
The best ways to protect yourself against phishing are knowing how to recognize the signs and being cautious any time you receive a suspicious message. Some visual signs to watch out for include:
Typos
Including incorrect sender email addresses, links that don’t go to official websites and spelling or grammar errors beyond the occasional typo.
Unprofessional design
Such as incorrect or blurry logos, image-only emails and emails with poor formatting.
Suspicious attachments
Like receiving attachments that you didn’t ask for, weird file names and uncommon file types (like an .exe).
Other phishing signs may take more time to identify, because they aren’t always obvious, which include:
Urgent or threatening language
Real emergencies don’t happen over email. Cyber criminals will often pressure you to respond quickly by using threatening language. For example, they might tell you that they’re going to close your account or take legal action against you.
Requests for sensitive information
Most legitimate organizations like the government or your bank, would never ask you for personal information over email or text message. Be suspicious of links directing you to login pages and requests to update your account or financial information.
Anything too good to be true
Winning a contest is unlikely, but winning a contest that you didn’t enter is impossible. Cyber criminals may send you suspicious offers, like winnings from giveaways you never entered or prizes you must pay to receive.
<Optional paragraph to remind your employees of your company’s cyber security plan/policy and/or best practices>
Putting it all together
While there isn’t a foolproof way to spot every phishing attempt, knowing the different types of phishing scams that exist and the most common signs to look for, can help fight phishing and protect yourself from falling victim to an attack. Trust your instincts. If something seems too good to be true or if it feels suspicious, it probably is. Remember: it’s always safer to delete a message than to act on it.
To learn more about phishing and other cyber threats, check out GetCyberSafe.ca.
If you have any questions or concerns about cyber security at <company name>, contact <email address>.