[BCMA] Phishing – Don’t Take the Bait

[Moderated BCMA subscriber listserv]

Spam calls, scams, and phishing are all common tactics cybercriminals use
to attempt to steal personal and financial information from you or your
organization. These attempts are becoming increasingly sophisticated and
more frequent, so we all need to be on the lookout and stay vigilant when
something looks or sounds… fishy.

Recently, the BCMA has been made aware by current and former board and
committee members of fraudulent emails and calls received in their email
inboxes and on their phones. Those targeted attempts have used correct
personal information and might at first glance appear to be from a
legitimate source.

We continuously work with our web development agency, our membership
platform provider and our insurance company to ensure that our systems are
safe and up-to-date with current security standards. Our membership
platform provider holds all membership information on servers located in
secure data centers, in which the servers are regularly scanned for threats
and vulnerabilities and protected with firewalls to prevent unauthorized
connections. All member accounts are password protected, and all passwords
are encrypted (i.e., never stored in clear text). Account logins also have
brute-force login protection to prevent individuals/bots from attempting to
guess a password too many times. There is no concern about a security
breach or information leak in BCMA systems.

At the BCMA, we *never* contact members with the following requests:

   - Asking for passwords or personal information to be shared via email or
   over the phone
   - Asking members to click on suspicious links to verify information or
   confirm membership on platforms other than members.museum.bc.ca
   - Asking for payment of fees or any charges through a third-party
   financial provider other than our existing payment portals through
   members.museum.bc.ca
   - Asking current or former board members or members-at-large to approve
   financial transfers or transactions

If you are unsure if a communication attempt is truly from the BCMA,
contact us! Write a new email (do not respond to the suspicious message you
received and do not forward it) and include a screenshot or photo of the
initial message, or call and leave us a voicemail. Our contact information
is listed at the bottom of our website <https://museum.bc.ca/> and a human
BCMA team member will get back to you as soon as possible.

The BCMA encourages all members to revisit their personal and
organizational cybersecurity practices. In the same way you ensure your
insurance policies are up to date and that your building is secure, you
should regularly review your virtual presence and the safety of your
personal and financial information.

There are a variety of trusted sources that offer training, support, and
resources on how to stay safe and protect yourself, please find a few
helpful links on the bottom of this page:
*https://museum.bc.ca/phishing-cybersecurity/*
<https://museum.bc.ca/phishing-cybersecurity/>

Feel free to bookmark the page or share with your circles.


The BC Museums Association office is located on the traditional, unceded
lands of the Lekwungen <https://vimeo.com/275788251> peoples (Songhees and
Xwsepsum Nations). We respect past, present, and future Indigenous stewards
and recognize that we are uninvited guests on this territory.

BC Museums Association || 675 Belleville Street  || Victoria, BC || V8W 9W2

museum.bc.ca
<http://www.museum.bc.ca/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.museum.bc.ca/pipermail/listserv-museum.bc.ca/attachments/20241128/5b420d66/attachment.htm>