Employee cybersecurity awareness

Employees are both your weakest link and your best defense when it comes to cybersecurity. That's why it's important to increase their risk awareness and empower them to adopt security practices as part of their daily routine.

Top 5 cyber fraud tactics

1. Phishing

A scammer sends out mass emails or text messages that appear to come from a legitimate company. They attempt to lure you into giving out personal information or prompt you to click links or open attachments that will install malware on your computer.

We've developed new measures to ensure all our members' personal and financial information remains protected.
For more information about these measures and to stay informed of any updates, see how protecting your personal information is our priority - This link will open in a new window..

2. CEO fraud

A scam artist hacks into a CEO's email account and contacts a company employee who's authorized to make international wire transfers. Assuming the identity of the CEO, the hacker asks the employee to transfer money to a foreign account for an emergency or a major acquisition. The situation usually involves multiple email exchanges during which the employee is told to keep it under wraps.

3. Overpayment scam

A new "client" sends a company a cheque in the wrong amount for goods or services and then asks to be reimbursed the excess funds. But the cheque turns out to be fraudulent, so the scammer makes off with the goods or services and the amount reimbursed by the company.

4. Fake supplier scam

A scam artist hacks into the email account of a regular company supplier and asks the company to make payments to a new bank account. The legitimate supplier therefore never receives the company's payments.

5. Fake websites

A scammer fairly easily copies a company or government website and makes it look like the real thing, which they then use for various fraud schemes.

What's your best defense?

1. Be on the lookout

If something doesn't look right, flag the problem and investigate further.

2. Check the origin of email and text messages

Was the message expected or solicited? Whatever the case, never give out personal information by email or text.

3. Set up a rigorous procedure for e-transfers

It should be written down and known only to the employees concerned.

4. Make sure transactions with suppliers and customers are secure

Confirm any changes to supplier banking information by calling the supplier at the phone numbers you have on file.

5. Train staff

Employees must be made aware of the latest fraud schemes and be trained on procedures and controls.

6. Create strong passwords

It can take a hacker just minutes to crack a password that doesn't follow our guidelines. A password should contain at least 10 characters, 1 capital letter, 1 digit and 1 special character (e.g., ! $%? & _ @ + =). A password manager is also much safer to use than an Excel spreadsheet or a post-it note.

Submit a comment

All submissions are moderated and published once a day, Monday to Friday, from 8:30 a.m. to 4:30 p.m. All off topic comments or offensive content will not be posted.

Terms of use and moderation policy

Fields marked with an asterisk (*) are required.