print   email   Share

Phishing Schemes By The Numbers

According to cybersecurity company Trend Micro, Canada ranked in the Top 20 countries for COVID-themed cyber threat detections in 2020.

The company reports that globally, it detected nearly 16.4-million cyber threats throughout 2020, including malicious URLs, spam, and malware. The vast majority (88 percent) were email-borne spam threats, such as phishing attempts that used the topic of COVID-19 as bait to lure someone into providing personal and financial information.

Canada accounted for a total of 153,584 of the total COVID-themed cyber threat detections last year, making it number 18 of the 20 most targeted countries. The United States had the highest number of COVID-themed cyber threat detections, with more than six million, according to the cybersecurity company's analysis, called A Constant State of Flux: Trend Micro 2020 Annual Cybersecurity Report.

Ranking the Canadian industries that were most targeted by ransomware attacks, the insurance industry was close to the bottom with 2,002 attacks. Government (31,906); banking (22,082); and manufacturing (17,071) were the most-targeted industries.

According to Trend Micro, it blocked 62.6 billion cyber threats in 2020, a 20 percent year-on-year increase. Attacks on home networks globally surged 209 percent, reaching 2.9 billion, as cybercriminals adapted quickly to the large shift to remote working caused by the pandemic. "Going phishing with COVID as the lure: How many Canadians rose to the bait" (Mar. 09, 2021).


Phishing was by far the most common form of cyber intrusion.

Phishing is a crime that targets victims by simulating a legitimate message from a bank, government department, or some other organization, to get confidential information that can then be used for criminal purposes. Cybercriminals use the phone, email, or text to pressure a victim to act quickly, before they have time to think, using the implied threat that something worse is about to happen to them or their finances should they delay in responding.

No legitimate financial institution, governmental agency, or utility company will ever contact you seeking money using email or the telephone. They will use regular mail. If you have doubts about the legitimacy of such a communication, contact the agency or business using a published helpline. Never use the phone number or email address provided in the link.

Once a victim opens a file, clicks a link, or visits an infected website, a type of malware is installed. One common and destructive form of malware is known as ransomware.

A ransomware attack encrypts the data on those systems and makes them inaccessible and unusable without a decryption key. Cybercriminals will then demand a ransom in exchange for the decryption key. Paying the ransom is no guarantee the data will be decrypted, or if it is, it may be so corrupted because of the encryption/decryption processes as to be unusable.

Canadians seeking information and resources on cyber safety will find an updated "Get Cyber Safe" campaign page with lots of information on everything from identity theft to protecting small businesses, to cyberbullying, to current online scams and frauds. This information is provided as a joint effort by the Canadian Cyber Incident Response Center ("CCIRC") and Public Safety Canada, operating jointly under the authority of the Canadian Center for Cyber Security (CCCS). The "Get Cyber Safe" website also hosts several resources providing tips on keeping your home and office networks safe; online dating precautions; and protecting children from online predators.

Other private, Federal, or provincial government entities that can assist Canadians who have been the victim of cybercrimes include The Office of the Information and Privacy Commissioner of Alberta, the Office of the Privacy Commissioner of Canada; the Industry Canada Office of Consumer Affairs; Service Canada; Citizenship and Immigration Canada; Passport Canada, and the Canadian Anti-Fraud Center.

Finally, your opinion is important to us. Please complete the opinion survey: