GBARC Forum
Cybersecurity Update: Phishing attempt being sent to RAC emails - Printable Version

+- GBARC Forum (https://www.gbarc.ca/ForumBB)
+-- Forum: Amateur Radio (https://www.gbarc.ca/ForumBB/forumdisplay.php?fid=5)
+--- Forum: NEWS (https://www.gbarc.ca/ForumBB/forumdisplay.php?fid=23)
+---- Forum: ISED, RAC Bulletins (https://www.gbarc.ca/ForumBB/forumdisplay.php?fid=13)
+---- Thread: Cybersecurity Update: Phishing attempt being sent to RAC emails (/showthread.php?tid=1262)



Cybersecurity Update: Phishing attempt being sent to RAC emails - Richard VE3OZW - 2024-08-03

[Image: f2154403-e691-0bbb-3d50-5331bcceb6fa.png]
Cybersecurity Update: Phishing attempt being sent to RAC emails
https://www.rac.ca/update-on-phishing-attempts-and-cybersecurity-tips/
[Image: 9937ab7f-cbbf-4592-8274-9037fd87a2a4.jpg]
RAC Bulletin August 2 , 2024:
There have been several recent reports from RAC members of phishing attempts by someone purporting to be from Radio Amateurs of Canada or is forwarding a message on their behalf.
Microsoft: "Phishing attacks come from scammers disguised as trustworthy sources and can facilitate access to all types of sensitive data. As technologies evolve, so do cyberattacks."

Phishing attempts use publicly available information to fake legitimacy. In some cases they use the names and contact information of RAC officials to gain your trust.
----
For example, today's phishing attempt uses the fake heading "Minutes and Announcements 8/2/2024" and states:
"You've received an secure message from Phil A McBride from Radio Amateurs of Canada."
It then instructs recipients to save and open an attachment and then sign in using their own email address. Please do not follow the instructions!Note: One way to recognize that this is a phishing attempt is to look at the email address that it is being sent from. In this case it is from (@varriello.com) which is not a RAC email address.

----
 

RAC's Cybersecurity Efforts
To date, there have been no direct successful attacks on the RAC computer system. Unfortunately attempts to defraud people through email messages and phone calls are a part of the world we live in today.
We will continue to take measures to ensure that our computer system is as safe as possible and that our members are provided with information.
Radio Amateurs of Canada is continuing to increase our cybersecurity. We do not keep any financial information and only widely available personal information (such as name, call sign and dates relating to current membership) is available in our system so our risks are considerably less than compared to commercial systems.
Note: Radio Amateurs of Canada collects personally identifiable information about you when you voluntarily provide it. When you apply for membership and subscription services, or provide your personal contact information for publication or product orders, every effort will be made to ensure that the information provided will be securely maintained. For more information please see our Privacy Policy and our Cybersecurity webpage.
 

Tips on Avoiding Email Scams
 
Here are a few tips on how to avoid email scams:
--
1) Filter spam.
2) Don’t trust unsolicited email.
3) Treat email attachments with caution.
4) Don’t click links in email messages unless you are confident you know who the sender is.
5) Install antivirus software and keep it up to date.
6) Install a personal firewall and keep it up to date.
7) Configure your email client for security.
---
In closing, any email claiming to have your @myrac.ca address and password is a scam and should be deleted.
Radio Amateurs of Canada will never ask people to download files from a third-party site in their email communication.
Always check to see if the sender of a suspicious email has an @rac.ca email address as all RAC officials use @rac.ca.
If you are concerned or suspicious always contact the RAC office before opening any files in an email message that appears to come from RAC. 
Thank you for continuing to notify us about cybersecurity threats! 
Alan Griffin
RAC MarCom Director