The Cyber Review: Cybersecurity mistakes when filing taxes, using mobile devices, and in small towns

April 9, 2021
Written by Farah

From using unreliable tax softwares to ignoring weak point in IT infrastructure these are just a few cybersecurity mistakes people and companies are making.

Cybersecurity mistakes with tax returns

Tax season is upon us and a cybersecurity mistake Canadians make it using unreliable tax filing systems. Cybersecurity experts say Canadians should be wary when filing their tax returns and only use trusted tax filing softwares.

Many Canadians recently got locked out of their Canada Revenue Agency (CRA) accounts and got their login credentials revoked. Forced to register again, but better safe than sorry especially since cyber criminals are always on the look out for personal and confidential information which they can obtain during tax season.

There are lots of ways cyber criminals can get into CRA accounts, whether it is weak passwords or email phishing, it's important to be aware of "phishy" emails with bad spelling and grammar. But also remembering to have strong passwords, log out of your accounts, and never share this information with anyone.

CRA has also cited account breaches and email phishing that has happened to many users.

Why and How Small Towns and Municipalities Need Better Cybersecurity Protocols

Considering small towns don't have the same infrastructure has major cities, cyber criminals are starting to target these small towns so they can disrupt whatever infrastructure they have and threaten citizens. It is not only about monetary profit, but sometimes even life-threatening.

A cybersecurity mistake officials make is not paying attention to weaknesses in IT infrastructure and operational processes which become the point of attacks by cyber criminals. Another mistake is that many small towns don't think they can be attacked thus they don't focus on having a strong IT and cybersecurity force, which makes it easier for criminals to find their way and attack them. The damages can take weeks or months to repair.

Data shows that in 2020, almost half of global ransomware attacks were targeted towards small towns.

By finding easy ways to get in, cyber criminals can then demand hefty amounts which small towns and municipalities likely can't afford.

Avoid cybersecurity mistakes and have better cybersecurity protocols:

  • Segment and defend your network
  • Protect your malware
  • Secure remote connections
  • Authenticate
  • Backup data
  • Limit privileges
  • Raise security awareness

One of remote work's biggest losers: Cybersecurity

A recent survey by Verizon found that nearly half of businesses reported working from home policies hurt their company's cybersecurity practices. In addition, 45 per cent of companies are sacrificing mobile security just so they can get the task done.

As employees are increasingly using mobile devices for key work purposes — maybe checking a text from their boss on their smartwatch or updating a spreadsheet on their phone, the risks increase. Phishing attacks may be more successful on mobile devices because smaller screens may make it harder to notice malicious sites or emails, or due to the size of the device, it can be stolen or lost thus losing company data.

The survey also reported that there has been an increase in mobile attacks and the risk has increased in the past year.

Be aware of the common cybersecurity mistakes people are making and learn from them. Practice creating strong passwords, authentication, and even creating cyber awareness among your coworkers.