October 8, 2018

Cyber Security Awareness Month: Week 2 - Don’t click that link!

In our second week of our cyber security awareness campaign, we are taking a look at phishing attacks. This October, make sure that you don't fall for any spooky online tricks!

What is phishing:

Phishing is a type of deception designed to get you to do one of the following:

Where does phishing happen?

Often phishing scams rely on placing links in e-mail messages, on websites, or in instant messages that seem to come from a service that you trust, like your bank, credit card, social networking site, or even BCIT.

Things to look for:

Look up the sender:

Highlight the links – but don’t click them!

Look for bad grammar:

What to do:

If you suspect a message is a phishing scam, follow these tips

  1. Don’t click anything in the email
  2. Delete the email
  3. Trust your gut, if it doesn’t seem legitimate it probably isn’t.
  4. If it came into your BCIT mailbox, report it to BCIT IT Services at techhelp@bcit.ca

Important: If you have already clicked on a link or provided your personal information change your password for the affected account. If you use the same email and password for multiple accounts, change those too! If you have provided someone your BCIT credentials, login to myBCIT and change your password immediately.

For more information, check out the following resources:

BCIT is committed to taking appropriate measures to preserve the confidentiality, integrity, and availability of information and information technology (IT). All users at BCIT are responsible for:

•Taking appropriate measures to prevent loss, damage, abuse, or unauthorized access to information assets under their control
•Promptly reporting all acts that may constitute real or suspected breaches of security including, but not limited to, unauthorized access, theft, system or network intrusions, willful damage, and fraud.
•Looking after any physical device (tools, computers, vehicles, etc.) and access articles (keys, ID cards, system IDs, passwords, etc.) assigned to them for the purposes of performing their job duties, taking courses, conducting research, or otherwise participating within the Institute.
•Respecting the classification of information as established by the information owner