Membership is FREE!   Professional Designations for Business & Technology Professionals


Deception = Distraction + Decoy

2 Mins read

Deception is a two-part process involving a “distraction” and a “decoy”. For many Canadians, COVID-19 represents a multi-dimensional distraction that’s simultaneously impacting numerous aspects of life, and these distracting effects are especially pronounced when they stroke matters that mean most to their victims. There has been enough public education to date to assume that most of the general populace have learnt to harness some form of guardedness around disclosing personal and financial information. However, distractive triggers such as financial pressure, health & well-being angst, and pent-up frustration from being confined, can cause many to inadvertently lower their guards. And yes, the hackers are well-aware of this and have come up with their latest human-based attack vector- mimicking the Canadian federal government, targeting its citizens.

Imagine that your income has been negatively affected by COVID-19 and you apply for the Canadian Emergency Response Benefit (CERB). You have not heard back on your application and so you call the 1-800 number from the website, only to find that you either can’t get through, or you’ll be on hold for an extended period of time due to higher call volumes and reduced staff. You choose to hold, and 30 minutes in, your 10-year-old daughter calls for homework help. You tell her you’re busy, but she insists. You sense her urgency and frustration and so you hang up and decide to try again tomorrow, knowing full well that the chances of an improved outcome is zero. Later that evening, you receive an SMS message stating that you can check the status of your CERB claim by visiting a linked site. The language looks legitimate and so you clicked on the link. You then land on a site that looks identical to the one where you submitted your application. The instructions, written in perfect government-esq language, with the Canadian federal government logo situated next to it acting as a subliminal endorsement, asks you to enter your name and financial information before they can retrieve your file. You say to yourself, “This seems legitimate, and it is reasonable for them to ask for my credentials before retrieving my file… right?”

This example is not fictitious. It was one of many decoys hackers paired with the COVID-19 distraction. In fact, this particular example was listed as a “notable COVID-19 lure” in Canadian Centre for Cyber Security’s (CCCS’s) report titled: Cyber Threat Bulletin: Impact of COVID-19 on Cyber Threat Activity.

The concerning part is…

Read The Full Article

Related posts

Internet Privacy in the Age of Surveillance

9 Mins read
Pew Research Center reports that “91% of adults agree or strongly agree that consumers have lost control of how personal information is…

Massive Supply-Chain Cyberattack Breaches Several Airlines

4 Mins read
The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers. A communications and IT vendor…
CybersecurityData Breaches

International cybercops derail botnet used to extort, steal data around the globe for years

4 Mins read
FBI also announced the arrest of a Canadian on Wednesday in connection to a ransomware attack The Associated Press · Posted: Jan 27, 2021…

Yes, I have read and live by this Code of Ethics - We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at or call us at 647 499 2744. You can unsubscribe at any time.