Your company is participating in a Cyber Security Education Program.

This Tax Assessment Phishing Attack included the following social engineering techniques:

1. Topical subject: Tax Assessment.
2. Use of a "lure email" to lower your guard when receiving the actual phishing email.
3. Use of government of Canada logo to look authentic.
4. Spoofed domain to appear it comes official domain (example: cbsa.lang-fr-en.ca).
5. Presented in both English and French to appear official.

How to spot this was a phishing email:

1. Was this an email you expected to receive? No - Be cautious
2. Did you file your taxes using this email?
3. The sender named email address was not coming from government of Canada (example: gov-ca@secure-login.host).
4. The primary domain was not correct for government of Canada (example: official domains are canada.ca or cra-arc.gc.ca).
5. The link provided used suspicious/spoofed domain (example: cbsa.lang-fr-en.ca).