Hydro-Québec is a Canadian public utility company that manages the generation, transmission as well as the distribution of electricity in Quebec.
Cyber attackers are using Phishing, SMShing and Vishing to attack the customers of the utility. Attackers are sending out fake messages, phone calls and emails to trick its customers into revealing their personal information.
They are scaring victims into making false payment with credit card. However, Hydro-Québec does not accept credit cards.
Almost everyone in the province of Quebec is Hydro-Québec’s customer. Therefore, there is a high probability to victimize a greater number of people.
What does Hydro-Québec advise to its customers?
According to spokesperson Jonathan Côté, the utility never asks its customers to provide private information through emails or text messages.
Hydro-Québec has also warned its users about the scam through its social media.
Cyber security measures for the customers of Hydro-Québec
- It is important to go through emails and messages extremely carefully.
- Carefully look at the content of the email in case there are any spelling mistakes in the messages received.
- Customers of Hydro-Québec should not click on the links within such emails.
- Customers should call its customer service or log in to its official website for confirming the email.
- In case, a customer ends up revealing his personal information to the attacker, it is advisable that the victim customer should log into the website and change their account’s password.
- Victim customers are also advised to report this matter to the Canadian Anti-Fraud Centre (CAFC).
It is important to adopt a proactive approach instead of a reactive approach. While following the above measures, it is important to inculcate an in-depth knowledge about cyber security and issues related to cyber attacks.
It is a well-known fact that humans are the weakest link in the information security chain. Therefore, cyber security awareness is essential in developing cyber resilience. This process involves four steps.
- A dummy cyber-attack will introduce the person with the latest attack methodologies and tactics.
- With the help of learning modules, one can gain a detailed insight on different cyber-attacks.
- Assessment is very effective in retaining the gained knowledge of the attack vector.
- This process of awareness is finally summed up with another dummy attack.
The idea is to create a defence mechanism against cyber-attacks which can help in preventing cyber attacks from being successful.