Your company is participating in a Cyber Security Education Program.

This Vaccine Registry Phishing Attack included the following social engineering techniques:

1. Topical subject to catch your attention (example: Vaccine Registry).
2. "Employer" in <subject> associated with topical subject
3. Fake "cc" for social proofing (example: approved by company "hr").
4. Urgency to act (example: before their first visit).
5. Most phishing attack emails have a sense of urgency.
6. User name, employer name and address to personalize email.
7. Spoofed domain which appears legitimate (example: gov.bc-en.ca).
8. English and French included to appear government official communication.
9. Logo to appear legitimate.

How to spot this was a phishing email:

1. Was this an email you expected to receive? No - Be cautious
2. Did your HR department advise this needed to happen?
3. You should reach out to HR department to confirm.
4. The sender named email address was suspicious (domain is not associated with the official government agency.)
5. Brining up browser and typing in domain used isn't government agency (example: bc-en.ca)
6. The link provided used suspicious domain similar to above.

Note: BC government official domain is "gov.bc.ca".