Credit Card Fraud Alert

We recently learned of an email scam in which someone poses as a supervisor at Confederation College and requests for an employee to purchase a series of online gift cards using a College credit card and then share the gift card codes with them via email. Please note that your supervisor will never ask you to do this. There are strict protocols in place surrounding corporate credit card use and gift card purchases. Refer to policies 2-2-06: Corporate Credit Card and 2-2-10: Gift Cards at www.confederationcollege.ca/policies-and-procedures. Should you operate outside of these policies, you will be accountable for any expenses incurred. If you have any questions, please contact your supervisor or the Purchasing department.

Also be reminded of the principles of Cyber Security – these help protect you and our College from suspicious activity like these emails. You can refer back to your Beauceron Cyber Security training any time if you need a refresher. All new employees (full- and part-time) receive an invitation to complete this training. If you haven’t received your invite, please the Computer Services HelpDesk: [email protected] and (807) 475-6488. Also reach out to the HelpDesk if you are unsure about an email or call.

Here are some Cyber Security highlights to remember:

• Password Protection
  • Never share your password with anyone
  • The HelpDesk will never ask for your password
  • Use UNIQUE passwords, via a password generator and/or password manager
  • Use long passwords…a sentence – this makes it difficult to compromise your account
  • Change passwords frequently
  • Avoid password patterns ex. “Plus 1”
  • Set up recovery questions and/or reset via mobile options
  • Check your passwords at http://haveibeenpwned.com
• Scam/Fraud Protection
  • Phishing is when criminals impersonate legitimate organizations and/or people and ask for personal information like passwords, PINs and account numbers
    • Know that no company will ever ask you to share this kind of personal information via email  
  • The best way to avoid being compromised through a phishing scam is to be aware of what to look for and be suspicious of anything that doesn’t seem legitimate – think and question before you click
    • Watch for typos and spelling and grammar issues, as well as generic greetings like “Dear Valued Customer” – these indicate it is likely a phishing scam
    • Phishing emails sometimes use fear to pressure you into feeling as though you need to act quickly, e.g. “Click this link now or we’ll cancel your credit card” – don’t click
    • Hover over links before clicking – if they’re long and/or don’t reflect known company URLs, don’t click them
  • Ensure you have anti-virus/anti-malware software in place (MS Windows Defender used on College PCs) – check out the latest Cyber Security post from Computer Services about free software you can get at home: https://www.confederationcollege.ca/node/25735
  • Don’t pirate
  • Microsoft will not call you to help with an issue they have found on your computer

For more information, refer back to your Beauceron Cyber Security training, contact the Computer Services HelpDesk or visit https://www.getcybersafe.gc.ca/en/home.