Spot a Phishing Email

Cyberattacks are on the rise as scammers take advantage of the COVID-19 pandemic by sending phishing emails, texts and phone calls claiming to be from legitimate organizations with information about COVID-19.

Phishing (pronounced fishing) is a term that describes an attempt to trick unsuspecting email recipients into taking an action such as opening an attachment, clicking on a link, or redirecting them to an infected website that results in a malicious outcome.

Did you know? 1 in 25 branded emails are a phishing email.*

One of the two most popular brands phishers is Microsoft (42%)*. Microsoft Office users are the most at risk because hackers often disguise their malware as Office file email attachments to trick users into clicking on them.

Did you know? 48% of malicious email attachments are Microsoft Office Files.*

TIP: Always check attachments before clicking or have them verified by your IT department to ensure that they are safe to open.

*Source: Symantec 2019 Internet Security Threat Report (ISTR)

We’ve compiled some key indicators to spot a phishing email:

How to spot a phishing email

If you think you’ve received a phishing email:

  1. Report it
  2. Delete it

Reporting a fraudulent email to the organization being spoofed can help prevent other people from being victimized. To report a fraudulent email, be sure to send the email as an attachment.

The Canadian Anti-Fraud Centre has compiled a list of the reported scams exploiting COVID-19.

The government of Canada has information for Canadians about COVID-19, including a toll-free phone number and email address here:

We can help you take steps toward transforming your people from cybercrime targets to active contributors to your cybersecurity with our Security Aware Training.