In mid-August, cybercriminals targeted the Canada Revenue Agency with two credential stuffing attacks, obtaining the usernames and passwords of 9,041 GCKey accounts, and 5,500 CRA accounts. The fraudsters then used the stolen login credentials to apply for the Canadian Emergency Response Benefit (CERB). In response to the attack, a statement released by the Office of the Chief Information Officer...

Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries. According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a significant threat to...

Less than a week ago, Twitter fell victim to a monumental security breach that saw hackers successfully orchestrate a social engineering attack and take over high-profile Twitter user accounts, including world-renowned companies like Apple and business magnates like Bill Gates and Elon Musk. The cybercriminals used that access to launch a bitcoin scam that generated over $120,000. The attack is...

Know how to identify and prevent a spoofing attack Spoofing attacks are the ultimate form of cybercriminal trickery and deception. Cybercriminals disguise themselves and rely on trust to steal confidential information, install ransomware, and commit other cybercrimes. Spoofing comes down to trust. Cybercriminals hide behind trusted people, domains, URLs, and the technical elements that make up a...

Cyber Monday is right around the corner and this means employees will be shopping online at work. To prepare for the busiest online shopping day of the year, companies need to remind employees of how to be safe online . It’s very easy for even the most cyber-aware employees to get caught up in the rush of online holiday sales and promotions. Retailers know that shoppers want deals and start their...

The lessons learned from cyber security training for employees must extend beyond the office doors. It’s important that employees understand that cyber security awareness matters at the office and at home. We know that many people relax their cyber security practices when they’re using their home computers, laptops, and personal mobile devices. You want to give your staff, your users actionable...

Social networking overlaps corporate and personal lives, and so should the mission to create a culture of security awareness. It’s true. There was little – if nothing – any Facebook user could have done to prevent their passwords from getting exposed earlier this spring. Just look at the facts of the case, said Theo Zafirakos, Chief Information Security Officer and Security Awareness Coach at...

You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it comes to cyber...

By this point, the dangers presented by phishing attacks are becoming increasingly well known. Business leaders recognize that information security awareness is critical for organizations of all kinds, and these programs need to focus heavily on phishing if firms want to remain protected in the current cybersecurity landscape. Phishing attacks have become among the most dangerous forms of...

While certainly not the biggest data breach in recent memory, this Rogers Communications incident demonstrates how a seemingly small employee error can have significant consequences in the realm of cybersecurity. Data breaches have become major news topics and with good reason. These incidents have major implications not just for the businesses affected but also for their employees, their...

The consumerization of IT is when employees use their own personal mobile devices, such as laptop computers, tablets, smart phones, etc. at work, referred to as BYOD (bring your own device). This use is becoming increasingly common and exposes companies to a variety of risks, including the protection of personal information. Canadian businesses appear to be leading the world in IT consumerization...