卡尔加里教育局重视保护所有员工和学生的数据。作为我们构建信息安全文化的努力的一部分，该机构将在十月份推广网络安全意识月。

今年的主题是“打击网络钓鱼：毁掉网络犯罪分子的一天。”

根据加拿大政府的说法，网络钓鱼是加拿大现在面临的最大网络威胁之一。

网络钓鱼是犯罪分子使用欺骗性的电子邮件和网站收集个人信息和/或登录凭证的一种方法。盗贼们正在找到越来越具有创意的方式来获取银行账户、企业网络和网络账户（比如你的CBE账户）、社交媒体账户等的访问权限。

网络安全是一项共同的责任。如果你想帮助打击网络钓鱼，你可以：

• 在你个人的社交媒体渠道上帮助宣传网络安全月。
• 确保你在工作和家中遵循网络安全的最佳实践。记住，在点击链接或打开电子邮件附件之前，总是要暂停并思考。
• 与朋友和家人谈论网络安全- 这里有一些资源可以帮助你！

在当今互联的世界中，每个人都需要帮助减轻众多的网络安全威胁。

安全意识培训演示

CBE认可SANS研究所所制作的信息和培训材料的可信度。

• 电子邮件和网络钓鱼
• 社会工程学

“MFA疲劳”和双因素认证（2FA）

2022年多因素认证（MFA）疲劳问题正在上升。在这种形式的网络攻击中，对手会反复尝试登录配置有多因素认证的给定用户账户。其目的是通过不断弹出提示信息来使用户感到压力，以便他们最终接受2FA请求，即使他们没有发起过这个请求。

我们鼓励所有用户继续拒绝来自未知来源的2FA请求，并与主管和IT部门分享相关担忧。

安全资源

如需了解更多有关IT安全的信息，请参考以下网站：

• 微软安全资源
• 趋势科技-安全新闻

The Calgary Board of Education values the protection of all employee and student data. As part of our efforts to build a culture of information security, the organization is promoting Cyber Security Awareness Month in October.

This year’s theme is “Fight Phishing: Ruin a Cyber Criminal’s Day.”

Phishing is one of the biggest cyber threats Canadians are facing today, according to the Government of Canada.

Phishing is a method used by criminals to gather personal information and/or log-in credentials by using deceptive emails and websites. Thieves are finding ever-more creative ways to gain access to bank accounts, corporate networks and network accounts (like your CBE account), social media accounts, and much more.

Cyber security is a shared responsibility. If you want to help fight phishing, you can:

• Help promote Cyber Month on your own personal social media channels.
• Make sure you’re following cyber security best practices at work and at home. Remember to always pause and think before you click on a link or open an attachment in an email message.
• Talk about cyber security with friends and family – here are resources to help you!

It takes each one of us to help mitigate the many cybersecurity threats that exist in today's connected world.

Security Awareness Presentations

The CBE recognizes the credibility of information and training materials produced by the SANS Institute.

• Email and Phishing
• Social Engineering

‘MFA Fatigue’ and Two-Factor Authentication (2FA)

The issue of Multi-factor authentication (MFA) fatigue is on the rise in 2022. In this form of cyber attack, an adversary will try repeatedly to log in to a given user account configured with multi-factor authentication. The goal is to overload the user with prompts so that they eventually accept the 2FA request, even if they did not initiate it.

We encourage all users to continue to reject 2FA requests from unknown sources, and share concerns with ​supervisors and the IT department.

Security Resources

For additional information on IT security, view the following sites:

• Microsoft Security Resources
• Trend Micro – Security News