This is a Phishing Exercise
Last updated on March 13, 2024
Fear not – nothing has happened to your device and no action is required.
The BC Public Service wants to help you and your colleagues be prepared should a real phish arrive. Help us by providing feedback and comments.
If you would like to reach out to us directly, email OCIOSecurity@gov.bc.ca
Learn more about the BC Public Service Phishing and Education program below.
Nobody likes getting phished, whether it’s for real, or as part of a training exercise like this – but it can happen to anyone, which is why it’s important to be prepared.
Learn more about spotting phishing emails below.
How could you have identified this phishing email?
Phishing email clues
- The sender email address is suspicious.
- noreply@emailsecuritymonitor.com does not seem to be affiliated with BC Government.
- The email is coming from an external source.
- Be wary of emails that from external sources.
- The email greeting is vague and does not address anyone specifically.
- Phishing emails will often use generic greetings such as, "Hello" or "Dear Valued Customer."
- Verbiage in the email creates a sense of urgency.
- Phishing emails often create a sense of urgency or fear to provoke strong emotions that affect decision making.
- Hovering over the links reveals that all three options lead to the same suspicious URL.
- Although email filtering systems do a good job of blocking a lot of malicious emails and links, some can still get through. If you see that the link redirects you to an odd URL do not click on the link.
- Scammers will also use URL shorteners such as Bitly or TinyURL to mask the malicious site they are redirecting to.
What would a legitimate notification look like?
If you were to receive a legitimate voicemail notification from an external sender, this is what it would look like:
If you were to receive a legitimate voicemail notification from an internal sender, this is what it would look like:
Why is the BC Public Service sending out these emails?
- Phishing attacks have become more sophisticated over time. Despite best efforts of digital security, some of these phishes still land in employee inboxes.
- Fortunately, evidence shows that exposure to practice phishing emails can help people to protect themselves and others from losses when faced with real phishing attacks by increasing awareness of the techniques that cyber criminals use.
- For more information, review the initial communication or the subsequent follow-up that were sent to provide an overview of the phishing awareness program
What do I need to do?
- Falling for a phishing attack can happen to anyone. Nothing has happened to your device and you cannot be identified. You are not required to contact anyone or to report this to your supervisor or OCIO Security.
How can I be better prepared in the future?
- The BC Public Service wants to raise the cyber-security bar across B.C. You can help!
Analyze before you click
- Review the email address and any links, and avoid downloading unnecessary or unexpected files
Learn more
- Complete trainings through the Learning Centre, such as IM-117.
- Visit our Cyber Threats page
Help us by providing feedback and comments.
If you would like to reach out to us directly, email OCIOSecurity@gov.bc.ca
Together, we can raise the cyber-security bar in BC.
Visit our Cyber Threats page to learn more about phishing and other threats to watch out for online!
Contact information
If you have any questions or concerns, please contact us at OCIOSecurity@gov.bc.ca.