Phishing, scams & account security
Most breaches start with a person, not a firewall. This guide covers the scams aimed at your staff and the controls that stop a stolen password from becoming a breach.
Phishing remains the number-one way attackers get in, and the lures keep getting better — business email compromise, tax-season CRA scams, bank impersonation, and now AI-generated deepfakes that are hard to spot by eye.
These articles break down how each scam works and, just as importantly, the account-level defences — multi-factor authentication and password managers — that make a stolen credential far less useful to an attacker.
8 articles
Phishing is still the number one way attackers get in
Phishing remains the most common entry point for attackers. Here's why it works — and the practical steps that actually reduce the risk.
Read articleBusiness Email Compromise: How One Convincing Email Drains Six Figures
Business email compromise is a scam with no malware and huge losses. Here's how it works and how to prevent it at your business.
Read articleTax-Season Phishing: How Fake CRA Emails Target Canadian Businesses
Fake CRA emails spike at tax time. Here's how Canada Revenue Agency phishing scams target businesses — and how to spot and stop them.
Read articleBank Impersonator Scams: How to Spot a Fake Call From Your Bank
Fraudsters posing as your bank pressure you into handing over codes and access. Here's how bank impersonator scams work and how to stop them.
Read articleAI-Powered Scams: Deepfake Voice and Email Attacks on Canadian Businesses
Attackers now use AI to clone voices and write flawless phishing emails. Here's how AI-powered scams target Canadian businesses and how to defend against them.
Read article2FA vs MFA: Are They the Same Thing? (Mostly Yes)
2FA vs MFA — what's the difference, why it matters less than you think, and the one distinction that actually protects your accounts.
Read articleMFA: The One Upgrade That Stops Most Account Takeovers — and How to Roll It Out Without the Pushback
Multi-factor authentication stops most account takeovers. Here's how to set up MFA across your business without frustrating your team.
Read articleWhy Every Small Business Needs a Password Manager
Password reuse is one of the biggest risks to small businesses. Here's how a password manager fixes it, what to look for, and how to roll one out.
Read articleWant this handled for you?
Our Managed Detection & Response service puts everything in this guide into practice for Canadian organizations — fully managed.
Explore Managed Detection & Response →Other guides
Ransomware & incident response
Ransomware is still the attack most likely to take a Canadian business offline. This guide covers how these attacks unfold and how to be ready before one lands.
Read the guide →Compliance, risk & cyber insurance
Canadian privacy law, security frameworks, and insurer requirements all pull in the same direction: prove you take security seriously. This guide maps what applies to you.
Read the guide →Choosing & working with an MSSP
The managed security market is full of overlapping acronyms. This guide cuts through them so you can tell what you actually need and what you are buying.
Read the guide →Small business security foundations
If you are not sure where to begin, start here. This guide covers the foundations that give a small Canadian business the most protection for the least effort.
Read the guide →