Canadians may overestimate their ability to spot phishing scams
TORONTO, November 24, 2020 – Despite a growing understanding that cyber security is essential in a digital era, some Canadians still need help in getting the message that simple steps can make a big difference in protecting personal information from cyber criminals.
The Canadian Bankers Association (CBA) partnered with Optimity (the new home of the Carrot Rewards app) during Cyber Security Awareness Month in October to conduct a series of online quizzes on cyber hygiene among some of its users. The survey of more than 7,800 Canadians across five demographic groups sought to better understand their knowledge of preventative cyber measures, while also sharing tips and resources to help better protect themselves online. In recognition of Financial Literacy Month in November, the results provide a glimpse into Canadians’ understanding of how to detect and prevent digital fraud, a key part of achieving overall financial well‑being.
Difficulty spotting phishing scams
Email phishing scams continue to be the most common form of attack in the cyber threat landscape. Digital fraudsters show no signs of slowing down their phishing activity in 2020 as cyber attacks proliferate amid the widespread shift to work-from-home, and as Canadians spend more time and money online because of the coronavirus pandemic.
- While the majority (82 per cent) of respondents are confident in their ability to detect a phishing attempt, only 31 per cent were able to correctly identify all the red flags of a phishing scam.
- More than half (57 per cent) of the survey sample incorrectly thinks phishing emails are easy to spot due to spelling errors, indicating a general lack of understanding of the increasing sophistication of phishing attacks.
According to the Canadian Anti-Fraud Centre, Canadians have lost more than $40 million to online scams so far in 2020 and phishing continues to be used in the majority of cases. Among other fraud prevention resources, the CBA has helpful information for Canadians to help them avoid phishing scams: cba.ca/how-to-spot-a-phishing-scam
"Banks go to great lengths to keep Canadians' money safe and protect their personal and financial information, but the realities of a connected world mean that cyber threats are not limited to our systems and technology," says Neil Parmenter, President and CEO of the CBA. "In the digital era, security is a shared responsibility and Canadians have a role to play. To that end, the banking sector is committed to promoting cyber security best practices to help customers better protect themselves and their devices against a rising tide of digital fraud."
Encouraging news on the need for unique passwords
There is better news when it comes to understanding the importance of using strong, unique passwords to protect internet‑enabled devices and sensitive online accounts:
- 83 per cent of Optimity users say having unique passwords or PINs for each of their accounts and devices is "very important" or "important", with only 4.5 per cent saying it is not important; and
- More than 80 per cent of respondents know they should not share their passwords or PINs with anyone, including their spouse or family members.
Despite a growing recognition of the importance of unique passwords, a large number (63 per cent) of respondents could not identify all examples of weak passwords, suggesting a need to learn more about what constitutes a strong password. Another vulnerability is effective password management – more than 80 per cent of users are unable to remember each password, saying this is the biggest barrier to maintaining unique passwords.