Spear Phishing Scams — Stay Vigilant

/in ,

Spear Phishing.

Recently, HR and Payroll received several obviously fake emails to update direct deposit information for payroll.

The messages were well researched!

  • sent to the personal email addresses of different HR/Payroll employees
  • greeted the HR/Payroll employee by name
  • signed in the name of a real Menno employee
  • includes the real employee’s position or job title

This is not random phishing but targeted SPEAR PHISHING !!  HR and Payroll are not falling for these attempts to steal pay cheques.

 

What should you do?

  1. Please be alert.  If you get any message that seem fishy, immediately forward to Support@BeAdaptive.ca and mark the subject “URGENT”.
  2. During this time of transition in leadership (any time, but especially now), if anyone gets messages requesting gift cards, or anything out of the ordinary etc. please send a copy to Pearl when you forward the message to Adaptive.
  3. Remember, too:  If anyone has fallen victim to any type of phishing or scam email, call Adaptive immediately 604-357-3456.  They can help put a stop to things faster when they are informed early.  They are on call 24×7 to keep us safe.  (YES, call at midnight if you have to… much better than waiting hours until morning.)
  4. Please share this message with your team and talk about it with your teamEveryone who has email is a potential target.  Awareness is a powerful defense.

Thanks for doing a great job and stay vigilant!!

 

Cybersecurity Awareness Part 4: Recognize and report phishing – see it so you don’t click it!

/in ,

It’s easy to avoid a scam email, but only once you know what to look for. At Menno Place, we can make a huge difference by practicing the basics of cybersecurity. This week, let’s learn about Recognizing & Reporting Phishing!

Read more

Cybersecurity Awareness Part 3: Updating software keeps your information secure!

/in ,

One of the easiest ways to keep your information secure is to keep your software and apps updated. At Menno Place, we can make a huge difference by practicing the basics of cybersecurity. This week, let’s learn about Updating Software!

Read more

Cybersecurity Awareness Part 2: Keep your passwords safe!

/in ,

Passwords are the keys to your digital castle. At Menno Place, we can make a huge difference by practicing the basics of cybersecurity. This week, let’s learn about Strong Passwords & Password Managers!

Read more

October is Cybersecurity Awareness month! Part 1: Multi-Factor Authentication adds protection.

/in ,

There are all kinds of ways to keep your online data protected. At Menno Place, we can make a huge difference by practicing the basics of cybersecurity. This week, let’s learn about Multi-Factor Authentication!

Read more

How to Report Malicious Spam Email

/in

If you receive a suspicious email, the FIRST thing to do is report it to our IT company:

Adaptive ITwww.beadaptive.ca

604.357.3456

local: 2241

supportATBeAdaptive.ca  |  (replace AT with @)

CEO and Supervisor Scam Emails – What to Watch For

/in

As we have new leaders at Menno Place, it is important to be reminded that NO ONE will ask you to purchase ANYTHING on their behalf.

The CEO won’t call, text or email you to purchase anything for you (including gift cards).

The new Director of People and Culture will not call, text or email you ANYTHING (including gift cards).

You will NEVER be asked to spend your personal money for Menno Place’s needs – so DON’T!

What to do if you receive an email or text asking you to purchase something for Menno Place, Executive, your Supervisor or the CEO:

  1. If you receive a suspicious email, the FIRST thing to do is report it to our IT company BEST BY PHONE:
    Adaptive IT – www.beadaptive.ca  |  604.357.3456  |  local:2241  |  supportATBeAdaptive.ca (replace AT with @)
  2. Forward the email to supportATBeAdaptive.ca and the individual that is asking you to purchase items, so that they are aware.
  3. Delete the email FROM YOUR INBOX.

 


Phishing Awareness – Watch out for scammers in your email

/in ,

Are you PHISHING aware?

Cyber-criminals use phishing attacks to attempt to get you to provide them with passwords, accounts, data or money. Clicking on a link or replying to a phishing email can expose the Menno Place server to harm or ask you to provide money/gift cards that cannot be retrieved.

Ask yourself:

  • Who sent this to me?
  • Is this relevant to the work I do at Menno Place?
  • Does this make sense to me?
  • Am I too curious?
  • Am I being asked to do something unacceptable – like purchase something with my own money?

Common clues of phishing email:

  1. The sender’s email address is suspicious
  2. Hovering over a link in the email reveals suspicious URL (web address)
  3. The message has a sense of urgency

Take THREE minutes to watch this important message on how to spot a Phishing email

All Menno Place employees are reminded to never interact with suspicious emails. If you receive a spam/phishing email, remember the following:

  • Never respond to spam/phishing emails. If you suspect that a message is malicious or suspicious, please forward the email to support@beadaptive.ca so that their team of IT security analysts can analyze and confirm; and if necessary add security controls to prevent similar emails appearing in other users’ inboxes.
  • Do not open attachments or click on links unless you recognize the sender’s name AND email address, and know that the content is safe. If you are asked to provide your username and password, DO NOT.
  • Call Adaptive Support at (604) 357.3456 to verify if the request for login details is legitimate. When in doubt, DON’T share your password.
  • DO NOT purchase gift cards with your own money for any reason, including gifts for the staff – even if the request appears to come from the CEO. If you receive an email like this and want to confirm the request from the real person at Menno Place, you can open a NEW email, type in their ACTUAL email address and ask them if they are requesting this from you.
  • Do not click on “unsubscribe” in a spam/phishing email – this lets the spammers know they have a “live” address and you will get more email of this type. Delete the email.
  • Do not click on any links in the spam/phishing email – this will most likely take you to a forged or compromised page that might attempt to install malicious code on your computer.
  • NEVER divulge your password to ANYONE, no matter how legitimate the request may sound.

GUIDES, INFOSHEETS, AND RESOURCES (source: Government of BC website)