Diving Deeper into Phishing Prevention

In an age where digital interactions dominate our daily routines, the threat of phishing looms larger than ever, casting a shadow over the cybersecurity landscape of UBC. Faculty and staff are prime targets for cybercriminals seeking to exploit vulnerabilities in our online defenses. But fear not, for armed with knowledge and awareness, you can shield yourself against these insidious attacks.

Understanding the Menace

Phishing, the deceptive practice of tricking individuals into divulging sensitive information such as passwords, credit card numbers, or personal data, poses a significant threat to both personal and institutional security. According to the 2023 Data Breach Investigations Report by Verizon, phishing attacks continue to be a leading cause of data breaches, underscoring the pervasive nature of the threat and emphasizing the urgent need for proactive measures.

The University in the Crosshairs

With our vast repository of intellectual property, research data, and personal information, UBC has become a prime target for cybercriminals seeking lucrative opportunities for exploitation. Recent incidents have highlighted the severity of the threat, with our university experiencing a surge in phishing attempts aimed at stealing sensitive information or disrupting critical operations. These attacks not only jeopardize the integrity of research endeavors but also compromise the privacy and security of faculty, staff, and students alike.

Top Tips for Protection

1. Exercise Vigilance: Phishing messages can come in many different disguises, from sophisticated deception to obvious fraud. Watch for the [CAUTION: Non-UBC Email] banner at the top of emails. Emails from UBC colleagues and services will NOT have this banner applied. Do not click on links in messages. Always type the website address into your browser. If in doubt, forward the email as an attachment to security@ubc.ca. If you think you have clicked on a potentially malicious link, contact security@ubc.ca immediately and reset your CWL password.
2. Bolster Security Measures: Enable Multi-factor Authentication (MFA) on all of your personal accounts. MFA is mandatory for all UBC applications that use a Campus-wide Login (CWL). We recommend that you implement MFA on any non-UBC accounts wherever possible to add an extra layer of security.
3. Educate and Empower: Foster a culture of cybersecurity awareness within your unit. Attend our Monthly Workshops. Share what you learn with teammates using our downloadable assets intended to arm faculty, staff, and students with the knowledge and tools needed to recognize and thwart phishing attempts effectively.
4. Report Suspicious Activity: Promptly report any suspected phishing emails or cybersecurity incidents to security@ubc.ca. Timely intervention can help mitigate potential risks and prevent further harm.
5. Stay Informed: Stay abreast of the latest cybersecurity trends, threats, and best practices by joining the Privacy Matters Champions Network and signing up for the Champions Network Newsletter.

The onus falls upon each one of us to remain vigilant in the face of evolving cybersecurity threats. By unmasking phishing threats and adopting proactive security measures, we can safeguard the integrity of UBC’s digital ecosystem and uphold the trust placed in us by our students, colleagues, and the broader community.

Go even further: learn how to identify and report suspicious emails.