Question Period Note: ANTI PHISHING

Back to search

About

Reference number:
CSJan2024_016
Date received:
Sep 8, 2023
Organization:
Employment and Social Development Canada
Name of Minister:
Beech, Terry (Hon.)
Title of Minister:
Minister of Citizens’ Services

Issue/Question:

Phishing attacks remain a prevalent threat within the Government of Canada, including ESDC.

Suggested Response:

Criminal entities will create fraudulent websites that look legitimate. These websites can pretend to be a financial institution, company offering employment, investment company or government agency. In many cases, fraudsters will use a domain/website URL that is similar to that of the legitimate company or organization with a minor spelling difference.

ESDC has a layered cybersecurity defence that protects the personal information and data of Canadians and mitigates fraudulent activities within its systems.

ESDC works closely with our cybersecurity partners to continue to strengthen our defences in an ever-changing cyber landscape.

ESDC conducts phishing attack simulations on ESDC employees to foster a high level of cyber readiness and to strengthen employee awareness of and defence against phishing attacks.

The Canadian Anti-Fraud Centre, responsible for collecting information and raising awareness on fraud and identity theft, adds another layer of defence against fraud.

If Pressed (Subject)

ESDC remains a lead department within the GC in combating fraud and cyber-attacks to ensure that the personal information of Canadians remains safe.

We take the integrity and confidentiality of this information very seriously and will continue to strengthen our layered approach to cyber security, working with our key partners to ensure an integrated and collaborative effort in the fight against fraud.

The Canadian Centre for Cyber Security is a leader in the GC's layered cyber defence effort and takes urgent action to eliminate fraudulent websites imitating government agency web pages.

Cybersecurity awareness is part of ESDC’s training culture, and employees are ESDC’s last line of defence.

Background:

Phishing is a type of cyber-attack and is one of the most prevalent cyber-attacks in the world right now. Attackers impersonate a trustworthy entity or individual to deceive people into revealing sensitive information, such as login credentials, personal information, financial details, or even installing malicious software on their devices. Phishing is done through various means, including email, text messages, phone calls, or fraudulent websites.

Additional Information:

None