Fraud Prevention Month at AU
With the COVID-19 global pandemic came a drastic shift where many of us spend more of our lives online than ever before—and with that shift comes an increase in the potential for online fraud.
March is Fraud Prevention Month, and the focus for 2021 is protecting yourself against online scams. Does that business loan offer sound too good to be true? Are you questioning an inheritance from an aunt you have never heard of? Or maybe it’s a coworker you’ve never heard of sending you a spreadsheet you never asked for. You’re right to be suspicious.
The Canadian Anti-Fraud Centre identified 11,502 reports of COVID-19 fraud, with victims losing $7 million. And in 2021, there has been nearly 5,000 reports of fraud in Canada, with victims losing $10.1 million in January alone.
The Athabasca University (AU) Cybersecurity team and Internal Audit team will focus on four major themes during Fraud Prevention Month: What fraud is, common computer fraud schemes and how to protect yourself with strong passwords, CEO fraud, and highlighting AU’s whistleblower hotline.
Week 1: What is fraud?
Fraud is typically understood as an attempt to deceive someone for monetary gain but takes many different forms. The Canadian Anti-Fraud Centre provides up-to-date on information on the types of scams and frauds that are most reported in Canada.
You can find free videos from the Association of Certified Fraud Examiners and the Alberta Community Crime Prevention website to learn more about several different types of fraud. You can also find information specific to AU on AU’s Cybersecurity page.
Week 2: Common computer fraud schemes and passwords
One of the most effective fraud-prevention measures is recognizing and preventing phishing attempts—fraudulent attempts to get sensitive information like usernames and passwords.
AU’s Cybersecurity team provides comprehensive information about recognizing and preventing phishing attempts. Some common indicators of phishing attempts include:
- a requirement for urgent action,
- links to strange URLs,
- unexpected file attachments, and
- requests for confidential or personal information by email.
If you receive any suspicious emails to your @athabascau.ca or @athabasca.edu email addresses, please forward them to firstname.lastname@example.org immediately.
Regardless of the type of attempted fraud scheme, creating strong passwords is one of the best ways to keep your data and personal information safe. Learn how to create a strong password in this free video from the Government of Canada.
Week 3: CEO fraud
One common way that scammers will try to access your personal information is to send an email that looks like it’s coming from your CEO or an executive from your company. They might provide a link that asks for your username and password or they might ask for financial information. Often, the scammers can even make it appear as if the email is coming from your boss’s email address.
The IT firm QuoStar provides several examples of the kinds of emails targeting businesses, including the example of CEO fraud below.
You can protect yourself against this type of fraud by not trusting anything you haven’t expected, verifying the sender address, being extra suspicious of requests for money, looking but not clicking, and verifying with the sender whether the request is legitimate.
Week 4: Whistleblower hotline
One of the key strategies for detecting fraud is providing employees with a way to report fraud in a confidential and secure way—and protecting whistleblowers who speak up. AU’s whistleblower policy allows for protected disclosures from employees in three ways: