What is Phishing?
A common trick used by hackers is to send an email, which appears to come from someone you trust. The email urges the recipient to click on a link to verify their account, update “expired” password, or open an important attachment. The email may look real with company logos, links, and branding, but beware – you may have received it from an illegitimate source.
What to do after you’ve been Phished?
- Change all your passwords for the accounts that have been compromised. You must use a different password for each site or account. If you are concerned about keeping track of your passwords, you should use a password manager, for example LastPass or KeePass.
- In case your personal identity was stolen, please report it to privacy@bcit.ca. We also encourage you get in touch and report the matter to your bank(s) and or a credit agency.
- In case of an identity theft, actively monitor your bank and credit card accounts for any suspicious transactions.
Precautions to prevent future scams and Phishing
- All BCIT external emails have a disclaimer, use extra caution when clicking links. Make sure you recognize the sender before opening links or attachments in the email. If in doubt, please flag suspicious emails for IT Services.
- When using @bcit.ca email, you should always hover over the link (don’t click) to see if it starts with BCIT’s adopted Safe Link approach
(https://can01.safelinks.protection.outlook.com/?url=https://actual URL). - If you are not using @bcit.ca email and you notice the link is different, that is an indicator the source is probably illegitimate and is a phishing attempt.
- Subscribe to breach notifications from haveibeenpwned. This will notify you of any breach associated to your email address and the online provider.