Holiday shopping
grinch hand holding credit card

'Tis the season.

What are some scams to look out for?

  • Gift card scams
    • Gift cards may be loaded with money from stolen credit cards and sold for a discounted price
    • Physical gift cards found in-store that are open accessible to all store patrons may be tampered with
  • Counterfeit goods scams
    • High-end goods are offered at a heavily discounted price
    • Product that appears when the order arrives is actually a cheap knock-off
  • Fake coupon scams
    • Website may offer a coupon or discount code if you sign up for an account and enter your personal information 

How do I avoid scams while shopping?  

  • If buying gift cards online, only purchase cards from reputable retailers
  • If buying gift cards in-store, try to buy cards in sealed packaging or cards stored behind the cash counter
  • Make sure your devices are secure to avoid having your personal information compromised when shopping online
  • When shopping online, only shop on secure sites (https://) and on secure Wi-Fi networks
  • Do not store your personal and financial information on websites you shop on 
  • Keep an eye out for unauthorized transactions and suspicious activity in your bank account
    • Utilize transaction notification apps provided by your financial institution if possible
binoculars icon
Phishing prevention
fishing hook with emails

Don't get hooked. Learn how to protect yourself against phishing attempts. 

What is phishing? 

Phishing is the act of contacting people via telephone, email or text message while impersonating government or business officials with the intention of stealing private information and data to commit identify theft and financial theft.

Financial spear phishing threats are referred to as finphishing. Read more about this growing threat.

How do I identify a phishing attempt? 

What can I do to protect myself against phishing attempts? 

  • Use email spam filters to block out potentially harmful emails.
  • Think before you click on links in messages that appear to be from legitimate senders but are urging you to provide your personal or financial information.
  • Use an anti-virus software to help your devices detect malware and phishing attacks.
thumbnail icon
Password management
weak password notification

Don't put yourself at risk. Use a stronger password and enable two-factor authentication.

What do I need to consider when choosing a password?

  • Use a complex password that uses a combination of letters, numbers, and special characters.
  • Avoid using information that is commonly known about you (birthday, pet's name, etc.).
  • Use a passphrase instead of a password.
  • Passphrase: a password made up of multiple words.

What is two-factor authentication?

  • Two-factor authentication is an extra layer of security that requires you to verify your identity using a mobile .device before allowing you to login.
  • Always use two-factor authentication when possible.

What are some password best practices? 

  • Use different passwords for each account.
  • Manage passwords using a password manager.
  • Do not save passwords or enter your personal information onto non-secure websites (URLs should begin with https://).
  • Learn more about password standards.
smartphone icon
Data security
Secure your data. Online and offline.

Secure your data. Online and offline.

How do I keep my personal devices safe? 

  • Install an anti-virus software on your computer to defend yourself against cyber threats.
  • Do not store unencrypted files containing personal information such as usernames and passwords on your computer.
  • Don't leave your devices unattended in public areas.
  • Don't access your bank or work accounts on public computers.

How do I keep my data secure?  


Report suspicious activity

Contact the IST Security Operations Centre team