Safeguard against spear phishing attacks

Spear phishing is a type of cyberattack. Fraudsters use spear phishing to specifically target you or your business and gain access to sensitive information, such as bank account details. Protect your business from spear phishing with updated software and data protection programs.

Notice anything suspicious? Let us know.

What you need to know

Have strong passwords. Don't use one password or variations of it for each of your accounts. This makes it easier for fraudster to get your information. Each password should be unique.
Update your software frequently. If you get a notification of an update on your device, do it immediately. Security software updates protect you from cyberattacks.
Use a data protection program at your organization. Educate employees and implement safeguards to help protect company assets against any spear phishing attacks.

What's spear phishing?

Spear phishing is a type of phishing with a major difference. Unlike phishing, where you receive mass generic emails at random, fraudsters first collect personal information about you and use spear phishing to target you. Fraudsters tailor their scam by impersonating someone you know or trust to convince you to reveal information. Spear phishing often happens through email and other online channels, such as social media or messaging apps.

Stay safe with our tips

Be wary of any communications you receive that request you to keep the contents confidential.
Check the sender’s email address and the layout of the communication. If there are any differences from previous emails, be diligent as it could be a phishing attempt.
Be aware of the language and grammar used in the email. If it seems unusual for the sender, it could be a fraudulent communication.
Don't give in to urgent requests that pressure you to reveal information to avoid legal action or to bypass normal policies and procedures. It's most likely a scam.
Don't open email attachments if the email seems suspicious. The attachments may provide fraudsters with access to your personal and business data.
Don't click on links in emails unless you know they are legitimate and secure. You can check the link by hovering over it to see the URL.

Notice anything suspicious? Let us know

Report fraud

Explore more about spear phishing

Canadian Centre for Cyber Security Opens in a new window.

Find the latest cyber security alerts and advisories and learn to protect your digital assets.

The Little Black Book of Scams Opens in a new window.

Download the Canadian Competition Bureau's guide to scams in 8 different languages.

Business banking fraud (PDF, 935 KB) Opens in a new window.

Discover common types of fraud that target small- to medium-sized businesses.