How many times have you received legitimate emails from a bank, telco or utility that include buttons, hidden links, email trackers and all the hallmarks of phishing messages? It would be amusing if it didn’t serve to undermine cybersafety best practices and the dilution of educational efforts such as those of organizations like The KnowledgeFlow Cybersafety Foundation.

As part of an interview series for CBC/Radio-Canada this week, I was asked to comment on the newly announced practices of Revenu Québec and was pleased to see that they include 3 of the most important ones:

  1. Express consent to receive alerts
  2. No links or prompt for a reply in SMS/text alerts
  3. Invitation to validate the alert at a trusted address (not provided)

The best part is that by sticking to such simple and effective practices, the agency has an opportunity to set the right example that can easily be emulated and should – assuming it’s correctly implemented – even be presented as a positive example by regulators including the Commission d’accès à l’information du Québec.

Claudiu Popa

Claudiu Popa is a public speaker, cybersecurity expert and passionate defender of privacy rights who engages audiences through storytelling and weaponizes academic courses, radio, television, podcasts, social media and the written word to fight for the vulnerable in society and catalyze positive social change in Canada.

If your organization is passionate about this topic or you have a special event coming up, why not book Claudiu Popa for your next professional keynote speech? Book your unique presentation today or review Claudiu’s unique event seminars, ready to be customized for any audience. Click here to browse or here to discuss your plans.