Cybersecurity and Social Impersonation
Cybersecurity and Social Impersonation
Posted on June 4, 2021
One of the biggest vulnerabilities of organizations is phishing and social impersonation attacks through emails. There have been high-profile attacks that have resulted in significant financial losses in the news lately. The Destination IT team has already taken steps to implement tools to better screen out suspicious emails before they hit your inbox, but your continued diligence remains our best line of defence.
Following the below tips will ensure that information stays secure.
- Be wary of emails that say “urgent action needed”, “your account has been compromised” or prompts you to act fast by threatening to close an account. You can safely assume it is Phishing.
- Do not click on links in email unless you were 100% expecting to receive it from the sender
- All internal emails originating from @destinationauto.ca will never display a security banner. This is the first step in recognizing a phishing/spoofing attempt
- You will never be asked to purchase gift cards or cash equivalent instruments by your Managers, Executive Team Members, or someone from our Ownership Team. NEVER.
- If in doubt regarding any request that you receive in an email, pick up the phone and call the email sender with a phone number that you have independently obtained. Do not respond to the email or use the contact information provided in the email, as these may be fraudulent.
- Trust your instincts. If something feels odd – PAUSE. Fraudsters are very practiced in driving urgency and play on our desire to be responsive to our colleagues and customers. You will never be questioned for being cautious.
Password Management
- Maintain strong passwords and NEVER reuse a password for different sites. Have a UNIQUE password for every login.
- Passwords should be at least 8 characters long, contain one uppercase letter, one number and one special character
- Passwords should be changed every 120 days to maintain security.
- Passwords should never be written down or stored in a readable form where unauthorized persons might discover them.