This is a Phishing Exercise

Last updated on April 1, 2025

Phish Happens logo

Fear not – nothing has happened to your device and no action is required.

The B.C. Public Service wants to help you and your colleagues be prepared should a real phish arrive. Help us by providing feedback and comments.

Nobody likes getting phished, whether it’s for real, or as part of a training exercise like this – but it can happen to anyone, which is why it’s important to be prepared. 

Learn more about spotting phishing emails below.   

How could you have identified this phishing email?

An explanation of the clues that were present in the latest phishing exercise administered by the ISB

Phishing email clues

  1. The subject line is suspicious
    • Phishing emails often have subject lines that are unclear or not specific
  2. The sender email address is suspicious.
    • armstrong-keith@emoneysender.com does not seem to be affiliated with BC Government. 
  3. The email is coming from an external source.
    • Be wary of emails that from external sources.
  4. The email greeting is vague and does not address anyone specifically.
    • Phishing emails will often use generic greetings such as, "Hello" or "Dear Valued Customer."
  5. Verbiage in the email creates a sense of urgency.
    • Phishing emails often create a sense of urgency or fear to provoke strong emotions that affect decision making.
  6.  Hovering over the link reveals that it leads to a suspicious URL.
    • Although email filtering systems do a good job of blocking a lot of malicious emails and links, some can still get through. If you see that the link redirects you to an odd URL do not click on the link. Instead, you can report that phishing email by following the steps mentioned in this link or additionally you can also reach out to your ministry security team for assistance.
    • Scammers will also use URL shorteners such as Bitly or TinyURL to mask the malicious site they are redirecting to.

Why is the Ministry of Education and Child Care sending out these emails?  

  • Phishing attacks have become more sophisticated over time. Despite best efforts of digital security, some of these phishes still land in employee inboxes.   
  • Fortunately, evidence shows that exposure to practice phishing emails can help people to protect themselves and others from losses when faced with real phishing attacks by increasing awareness of the techniques that cyber criminals use. 

What do I need to do?  

  • Falling for a phishing attack can happen to anyone. Nothing has happened to your device and you cannot be identified. You are not required to contact anyone or to report this to your supervisor or ECC Security.  

How can I be better prepared in the future?  

  • The B.C. Public Service wants to raise the cyber-security bar across B.C. You can help!
  • If you have a concern about an email you have received and you cannot verify the sender, please use the Report Message/Report button in Outlook

Survey icon

Help us strengthen our training

  • Reach out to OCIOSecurity@gov.bc.ca

Caution icon

Analyze before you click

  • Review the email address and any links, and avoid downloading unnecessary or unexpected files

research icon

Learn more

 

What Can I Do?

Help us by providing feedback and comments.

If you would like to reach out to us directly, email OCIOSecurity@gov.bc.ca  

Phishing Survey

Together, we can raise the cyber-security bar in BC.

Learn more about Phishing

Visit our Cyber Threats page to learn more about phishing and other threats to watch out for online!

Contact information

If you have any questions or concerns, please contact us at OCIOSecurity@gov.bc.ca.