G7 Themed Phishing Campaigns

Number: IN18-002
Date: 26 April 2018

Purpose

The purpose of this Information Note is to draw attention to the possibility of G7-themed phishing campaigns and remind users to be vigilant when reading or responding to messages received from unknown sources.

Assessment

The upcoming G7 summit is being held in Charlevoix, Québec on June 8 - 9, 2018 and it is expected that organizations in Canada will be targets of phishing campaigns using the G7 theme as the lure. Phishing emails are routinely the most effective tactic used to infiltrate computer networks. International and highly publicized events are frequently used as themes for phishing campaigns, targeting organizations that are involved in or supporting the event.

Malicious cyber actors are very adept at creating messages that look official, often referring to subject matter that is current or personal to the recipient. Furthermore, targeted phishing messages called spear-phishing, commonly manipulate the sender field to look like the message is originating from an individual that is known to the recipient.

This Information Note is being distributed to remind partners of the importance of being vigilant when responding to email or social media messages, and for IT Security personnel to reiterate the importance of being aware of these kinds of incidents. CCIRC encourages recipients of this Information Note to consider following the suggested actions below, as well as the recommendations described in the reference links.

Suggested Action

CCIRC recommends that organizations consider the following:

If not already done, consider implementing items listed in the Australia Cyber Security Centre (ACSC) report on Malicious Email Mitigation Strategies: https://asd.gov.au/publications/protect/Malicious_Email_Mitigation.pdf

References:

Note to Readers

In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.

Please note, CCIRC PGP key has recently been updated.
http://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/_fl/CCIRCPublicPGPKey.txt

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: ps.communications-communications.sp@canada.ca

Date modified: