Cybersecurity Alerts

Cybersecurity alerts provide timely information about current security issues, vulnerabilities, and threats. If you are a B.C. Public Service employee and believe your system may be compromised or at risk, please contact the 7-7000 Service Desk via email or phone 1-866-660-0811, option 3.

Security Alerts

SEPTEMBER 21 | SUBJECT: (Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023

You may have received an email earlier from senders:

ryu@lime.plala.or.jp

toshi.nezawa@nifty.com

sakaki25@ballade.plala.or.jp

hashimoto@oasharp.co.jp

kobayashi.yoshimi@white.plala.or.jp

sodeyama.pr@lime.plala.or.jp

kawamitu@lime.plala.or.jp

bimschas@cwbrons.de

With the subject line “(Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023” please note the dates and times varies between each email. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

SEPTEMBER 20 | SUBJECT: Benefit package : Compensation Adjustment, Salary-Increase, Insurance Revision for <your name>

You may have received an email earlier today from HR-Payroll-Gov <info@pondmum.com> with a subject line of “Benefit package : Compensation Adjustment, Salary-Increase, Insurance Revision for <your name>”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

If you clicked and DID provide your credentials, please immediately change your password to something completely different if possible from a different workstation and contact Security Investigations. If you clicked on the link but DID NOT provide your credentials, you do NOT need to take further action.

SEPTEMBER 19 | SUBJECT: (Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023

You may have received an email today or last week from senders iimura@sstkyokai.co.jp, bimschas@cwbrons.de, uda@pwrc.or.jp, soumu@pwrc.or.jp, credso@aminoresq.com, koarai@rm.med.tohoku.ac.jp, support@merca20.com, sales@logic-research.co.jp, or themir@mg.themirrorllc.com with a subject line of “(Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

SEPTEMBER 19 | SUBJECT: Review and Sign Gov Files

You may have received an email earlier today from nelton.smith@efinancialcareers.com with a subject line of “Review and Sign Gov Files”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

SEPTEMBER 19 | SUBJECT(S): "Re: CONGRATULATIONS! You have won an iPhone 15 Pro" or "Re: Congratulations on being a valued client!"

You may have received an email earlier from an email address 8alWEpn8alWEpn@Ahmedkkk3.onmicrosoft.com or a similar email address ending with @Ahmedkkk5.onmicrosoft.com with a subject line of “Re: CONGRATULATIONS! You have won an iPhone 15 Pro” or “Re: Congratulations on being a valued client!”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

Vulnerability Reports

Expand All | Collapse All

September 2023

Resources:

The best protection against all forms of malicious cyberattacks is to arm yourself with the knowledge ahead of time, so when you are faced with these adverse situations you are prepared and ready to respond accordingly.

Read up on the types of malicious cyberattacks you and your colleagues are at risk of falling victim to:

Expand All | Collapse All

Phishing

Phishing is a social engineering method most frequently used by cyber criminals to capture personal and/or financial information. It uses email with faked information and takes the user to dangerous websites. Phishing emails are able to fake the sending address and reproduce logos of legitimate senders such as a bank or a government agency.

A phishing email usually has a few common elements:

It claims to come from a credible organization
It claims to come from someone familiar
A tone of urgency that asks the recipient to take immediate action
A tone of urgency that asks the recipient to take immediate action
A threat of negative consequences, or the promise of some kind a reward

The goal is to trick a user into divulging personal and/or financial data such as credit card numbers, account user names and passwords or other valuable information. In some situations, the phishing email may trick a user into downloading dangerous malware onto their computer.

How do you guard against Phishing?

Remember that legitimate businesses, financial institutions, and help desks should never ask you for personal or confidential information via email, voice or text message. Be ware of unexpected messages and verify them by contacting. Less sophisticated messages may set off alarm bells because there are misspelled words or faulty grammar. You can ‘hover’ your mouse over a URL to see if it is identical to what is written; if they are different, this is an indicator that the source is probably not legitimate.

In General

Be careful if the email was unsolicited.
Be suspicious if the unsolicited email contains spelling errors or incorrect grammar.
The best practice is to not trust supplied links, especially if received in unsolicited emails; use a reputable search engine to look up the address and/or company names and go from there.
Do not reply with any personal, confidential or financial information to ‘verify’ your identity.
Monitor your credit card and bank statements. If you believe you have been a victim of phishing contact your local police to get advice and to file a complaint.
Do not click on “Unsubscribe” in a spam/ phishing email – this lets the spammers know they have hit a “live” address and you will get more emails of this type.
If you believe the email communication to be valid, contact the company directly.
If you are unsure what to do when a suspect email is received, best practice is to delete it.

Read up on the following external resources for a better understanding of phishing emails and how they are composed:

Safety Detectives' guide to phishing defence

Phishing examples from Aura

Phishing examples from Terranova Security

Ransomware

Ransomware is a form of malicious code or malware that infects a computer or network and spreads rapidly to encrypt the data. This malware makes the data inaccessible to the users and the criminals responsible will demand payment from the user in order to have their files unencrypted and returned. The payment is often requested in Bitcoin or other electronic currency. Businesses and individuals worldwide are currently under attack by ransomware. Individuals are reporting incidents in which their systems are frozen while an on-screen message demands payment to have their data returned. Individuals both at work and at home are at risk of these and similar attacks by hackers. Trend Micro researchers anticipate that ransomware will make further grounds in 2018 and that it’s not going away anytime soon.

Steps to lower the risk of infection and to help with recovery

Make sure all software is kept up-to-date with the latest patches including Windows, web browsers, Java and Adobe.
Perform regular backups of your data. Ideally, this data should be kept on a different device other than your computer.
Don’t open links or attachments in emails from untrusted or unknown sources.
Ensure your anti-virus is up to date.
Consider using a security application from a reputable company on your mobile device.
Don’t download or install applications from untrusted or unknown sources.
Never click on pop-up windows that claim your computer has a virus.

How to protect against a ransomware infection

Be skeptical. Do not click on any emails or attachments you do not recognize, and avoid suspicious websites altogether, such as the ads/links that often appear at the right or the bottom of a website. Do not accept any software updates that are triggered from a website or email. This includes offers of Windows 10, and updates to Java and Adobe Flash.
What to do if your workstation or other network-connected device is infected:
If you receive a ransomware pop-up, or come across a file that prompts you to pay a ransom to regain access to your files, you need to:

Disable Wi-Fi (if using)
Disconnect the network cable from the device to try and halt the spread
Leave the device powered on for investigative reasons
Go to another workstation and change key online passwords such as online banking
Report the problem immediately to your IT department

Spyware

Spyware, a kind of malicious software, can monitor and control your computer without your permission. It
may be used to monitor your internet surfing, record your keystrokes and could potentially lead to identity
theft.

Because spyware is mostly focused on information collection or “spying”, the clues that spyware is on a computer can be difficult to spot. Spyware-like services are also sometimes installed ‘legally’ through the
wording of EULA agreements on social media and legitimate software.

The good news is that consumers can minimize how much of their information is collected by following some simple recommendations.

Recommendations

Keep your operating system and web browsers updated. Your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that spyware could exploit.
Download free software only from sites you know and trust. It can be appealing to download free software like games, peer-to-peer file-sharing programs, customized toolbars, or other programs that may change or customize the functioning of your computer. Be aware, however, that some of these free software applications bundle or hide other programs in the software, including spyware.
Don’t install any software without knowing exactly what it is. Take the time to read the end-user license agreement (EULA) before downloading any software. If the EULA is hard to find — or difficult to understand — think twice about installing the software.
Minimize “drive-by” downloads. Make sure your browser security setting is high enough to detect unauthorized downloads, for example, at least the “Medium” setting for Internet Explorer. Keep your browser updated.
Don’t click on any links within pop-up windows. If you do, you may install spyware on your computer. Instead, close pop-up windows by clicking on the “X” icon in the title bar.
Don’t click on links in spam that claim to offer anti-spyware software. Some software offered in spam actually installs spyware.
Install a personal firewall to stop uninvited users from accessing your computer. A firewall blocks unauthorized access to your computer and will alert you if spyware already on your computer is sending information out.

What to do if you suspect Spyware

If you think your computer might have spyware on it, you should take three steps:

Get an anti-malware program from a vendor you know and trust.
Set it to scan on a regular basis — at least once a week — and every time you start your computer, if possible.
Uninstall unused software from your computer. Review and uninstall what you don’t use.

Social Engineering

Social Engineering is a way that people use normal social interactions to manipulate people to breach security. It isn’t limited to any technology or system, it can be conversation, texting, body language, or email.

The goals of Social Engineering are typically sensitive or personal information, but it can be used to access secure systems. Social Engineering is used for fraud, identity theft, or can be the prelude to a more serious hack.

Usually Social Engineering plays on a person’s expectations, and emotions. Sometimes it means a person is pretending to be a delivery person, or they could pretend to be frazzled and running late. They play on our gut reactions in order to bypass our reasoning.

There is no single technology or strategy that can defend against social engineering. Each person is the front line against this kind of intrusion. The critical element to protect yourself and your organization is critical thinking.

How to Avoid Being a Victim?

Keep your eyes open and ask yourself questions:

If someone wants to enter your house, ask yourself if this is really a secure situation? Are you expecting maintenance or a delivery? Is this person from the company that you’d expect?
Why is someone asking about details about your work? Is this information that could be used
maliciously?
How is this person making me feel? Am I feeling sorry for this person who forgot their keycard? Am I feeling intimitated by this bigshot who demands access and information? Am I feeling like I owe this friendly stranger in the café?
Does this person really have authority? Have I actually seen any of their credentials?
Does it make sense for me to be using my financial information in this situation? Am I dealing with a verified and trusted entity?
Am I communicating in a secure way? Is this connection secure? Can I be overheard?

These questions might give you a sense that something is off about a situation. Be diligent and double-check information. Verify information with a trusted third party. Don’t take everything at face value.

What to do if you think you are a victim?

If you believe your financial accounts have been compromised, contact your financial institution or credit card company immediately. Watch for any unexplainable charges to your account.
Document the situation, report the attack to the police and file a report.
Check your credit report with:
- Equifax Canada – www.consumer.equifax.ca/home/en_ca
- Trans Union Canada – www.transunion.ca
If you believe you might have revealed confidential or sensitive information about your organization, report it to the appropriate Security or Privacy people within your organization.

Cyber-Propaganda

In recent years, we’ve seen Social Media networks being used to spread extremism, erode social trust, and influence elections. By changing people’s perception of the world, cyber-propaganda can manipulate the choices of people.

Read on to learn how you can resist cyber-propaganda.

Fake News

Fake news is being used to spread distrust, as well as change public opinion through manipulation. Fake news is hard to spot right away because the world changes at a rapid pace. That means we need to read everything with a critical eye.

Don’t just browse the headlines. When reading articles online, take a moment to ask some questions before sharing:

Who wrote it?
Is the site credible?
Does the evidence support what the author is claiming?
Is it supported by other articles?
Does the article serve a different purpose?

False Accounts

Not every user account online is who they claimto be. Foreign governments and cybercriminals have been creating fake accounts to generate conflict on the internet. Many of these accounts will pretend to have an extreme version of an existing opinion in order to break trust and cause further divisions between different political leanings. By creating more conflict, this allows groups to influence public decisions.

Before responding to an online post, check these things first:

How long has this user been in existence? Fake accounts are usually only used for short periods of time.
Does this user have a lot of “likes” but not a lot of followers? They could be artificially boosting their popularity.
Does this user often post links using URL shorteners like bit.ly or tinyurl?

Online Radicalization

Extremist groups use the internet to radicalize and recruit new members into violent and dangerous
movements. You might know someone who is at risk of online radicalization.

Watch for these signs:

Is the person reposting or linking to radical content? (hate groups, extremist groups)
Are they withdrawing from their usual social networks?
Are they exhibiting black-and-white thinking around social topics?
Is the person expressing extreme anger when faced with disagreement?

What you can do:

If you feel safe doing so, talk to someone if you’re worried they’re at risk of radicalization
Report online material promoting terrorism or extremism
https://www.canadiancrimestoppers.org/tips
If you suspect a crime has occurred, report it to your local police force

How to Protect Against Cyber-Propaganda

The propaganda in our social networks can be scary, but we aren’t alone.
Here are some general tips to help resist cyber-propaganda:

Don’t just debunk, support media that is honest and reliable
Practice good information security to prevent your accounts from being breached and misused
Pay attention to those who benefit from the information that you see online
Use social media responsibly and think critically before you share anything

Cybersecurity Alerts

Security Alerts

Vulnerability Reports

17th-23rd

10th-16th

1st-9th

27th- 31st

20th - 26th

13th - 19th

6th - 12th

1st - 5th

23rd - 29th

16th - 22nd

9th - 15th

1st - 8th

25th - 30th

18th - 24th

11th - 17th

4th - 10th

1st - 3rd

28th - 31st

21st - 27th

14th - 20th

7th - 13th

1st - 6th

Resources:

How do you guard against Phishing?

In General

Steps to lower the risk of infection and to help with recovery

How to protect against a ransomware infection

Recommendations

What to do if you suspect Spyware

How to Avoid Being a Victim?

What to do if you think you are a victim?

Fake News

False Accounts

Online Radicalization

How to Protect Against Cyber-Propaganda

Resources

Contact Information

Permanent link to page:

Help us improve gov.bc.ca

Connect With Us

Government A-Z

Services and Information Topics

20^th - 26^th

13^th - 19^th

6^th - 12^th

1^st - 5^th

23^rd - 29^th

16^th - 22^nd

9^th - 15^th

1^st - 8^th

25^th - 30^th

18^th - 24^th

11^th - 17^th

4^th - 10^th

1^st - 3^rd

28^th - 31^st

21^st - 27^th

14^th - 20^th

7^th - 13^th

1^st - 6^th