Cyber Security Alerts & Notifications

Cyber security alerts and notifications provide timely information about current security issues, vulnerabilities, and threats. If you are a B.C. Public Service employee and believe your system may be compromised or at risk, please contact the 7-7000 Service Desk via email or phone 1-866-660-0811, option 3.

Reminder: Spoofing Emails

Please NOTE: “The B.C. Government has become aware of malicious pop-ups appearing on B.C. Government devices asking the user to call a 1- 800 number where an intruder masquerading as a service desk analyst takes remote control of your device. This is a ‘Scareware’ tactic, do NOT action this in any way; if you receive this pop-up, contact 250-387-7000 option 1 immediately.”

Article of interest: https://support.microsoft.com/en-ca/help/4013405/windows-protect-from-tech-support-scams

Many modern phishing attempts use the names and emails of your contacts and business partners to try and fool you. Use these tips to avoid falling for these scams.

Carefully inspect all emails, even if it appears to be coming from someone you know.
Be vigilant and safe whenever you see links or attachments in your emails.
If you suspect that spam emails are being spoofed to look like they are from someone you know, contact that person through a different channel (phone, in-person, lync) and let them know.
If you suspect that someone is spoofing emails to look like they are from you, check in with your contacts and see if they have received anything suspicious.
If you are a government employee and your @gov.bc.ca account has received an email with suspected malicious links or attachments, report it to SecurityInvestigations@gov.bc.ca.

Phishing Emails

The emails (subject line) listed below have been deemed as malicious and should be deleted immediately. If you have received a suspicious email that is not listed below, please report the email by sending it as an attachment.

Oct 23, 2020: {Update} Expiration Notification Friday, October 23, 2020

Oct 23, 2020: File REF:xxxxxx (*Subject line is prefixed with first name of recipient email address, and where x=six random numbers)

Oct 20, 2020: Meeting ID “Conferencing Invitation

Oct 20, 2020: VO IP Duration (10.0 sec)

Oct 16, 2020: {Update} Expiration Notification Friday, October 16, 2020

Oct 15, 2020: {Update} Expiration Notification Thursday, October 15, 2020

Oct 14, 2020: Today Expiration 10/14/2020

Oct 9, 2020: Received Friday 12:00 PM (GMT-4) 09/10/2020

Oct 9, 2020: Thursday 09:08 AM EDT As of 10/08/2020.

Oct 9, 2020: Friday 09:08 AM EDT As of 10/09/2020.

Oct 5, 2020: Notification Access Monday, October 5, 2020

Oct 5, 2020: Sheduled Access Confirmation Monday, October 5, 2020

Sep 30, 2020: Linda Sikora. Younghusband Resources Ltd.)

Sep 29, 2020: Recent Activity Report 9/30/2020

Sep 28, 2020: gov: Skype notificaton for <employee’s name>

Sep 28, 2020: Fw: STATEMENT – Balance due

Sep 28, 2020: Please respond to JP.

Sep 18, 2020: Contract Proposal 18\09\2020

Sep 17, 2020: “Shipment Confirmation #” Sent by several compromised user accounts (same org): @moorepediatricnc.com

Sep 8, 2020: Here?

Jul 22, 2020: Voice mail ( 56 seconds)

Jul 13, 2020: New Shared File Fscxxxxxx From Your Contact (where x=six random numbers)

Jun 29, 2020: EARNING STATEMENT FOR JUNE-2020

Jun 26, 2020: 🎵 6/22/2020 3:48:07 PM (Random date and time. Email message includes malicious ‘Read Your Voicemail’ link)

Jun 22, 2020: 2020-0140.....RE: Documents from Rentokil [K/0034O222/0001]

Jun 17, 2020: 78days_Overdue_INV-44637819 (Note: INV number may be different)

Jun 17, 2020: RE: Benefit (suspicious link contains a credential harvester)

Jun 12, 2020: 'Alert VM Message TO’

Jun 10, 2020: 🚩 Can you use all 20GB? 🎧 It's only $68 per month

Jun 3, 2020: Password Expiration Report : Wednesday, June 3, 2020’

Jun 2, 2020: Alert VM Message TO

May 28, 2020: Notification

May 26, 2020: Password Service Alert for firstname.lastname@gov.bc.ca

May 26, 2020: New unread message

May 21, 2020: ‘Audio To Cannabis On 21 May, 2020 ##REF:QZARSG_14035-6308’

May 19, 2020: ERR01 Delivery Request

May 14, 2020: Password due for <email address>

May 13, 2020: Ever-Cold Storage

May 12, 2020: Re: Mail Case 404SD

May 12, 2020: 🕪Gov_NewAudioMessage.htm

May 11, 2020: Sheila Morrison Shared file with you Renewal Policies

May 11, 2020: Cypress Proposal (this is a credential harvester, do not open)

May 8, 2020: Audio: :Message Received on 7 May, 2020

May 6, 2020: <Name> Audio Ref: 9872 on 5/5/2020

May 5, 2020: Task (Use extreme caution when opening an email with this subject line, it is usually a spear phishing attempt - ensure you verify the sender's email address)