Your company is participating in a Cyber Security Education Program.

This Tax Address Phishing Attack included the following social engineering techniques:

1. A "Lure" email was used to create a pre-text for the actual attack email.
2. "Tax Forms" subject based on time of year.
3. From email address using a fake domain which looks governmental (example: "accounts@bcsa-asfc-gc.ca")
4. Unique email, password, link, ... specific for user to appear legitimate.

How to spot this was a phishing email:

1. Was this an email you expected to receive? No - Be cautious
2. Confirm with management or human resources.
3. Always review sender email and determine if suspicious (example: "bcsa-asfc-gc.ca" not associated with government.)
4. This email was/may have been filtered and in your junk mail folder.