Phishing – Don’t Take the Bait

Spam calls, scams, and phishing are all common tactics cybercriminals use to attempt to steal personal and financial information from you or your organization. These attempts are becoming increasingly sophisticated and more frequent, so we all need to be on the lookout and stay vigilant when something looks or sounds… fishy.

Recently, the BCMA has been made aware by current and former board and committee members of fraudulent emails and calls received in their email inboxes and on their phones. Those targeted attempts have used correct personal information and might at first glance appear to be from a legitimate source.

We continuously work with our web development agency, our membership platform provider and our insurance company to ensure that our systems are safe and up-to-date with current security standards. Our membership platform provider holds all membership information on servers located in secure data centers, in which the servers are regularly scanned for threats and vulnerabilities and protected with firewalls to prevent unauthorized connections. All member accounts are password protected, and all passwords are encrypted (i.e., never stored in clear text). Account logins also have brute-force login protection to prevent individuals/bots from attempting to guess a password too many times. There is no concern about a security breach or information leak in BCMA systems.

At the BCMA, we never contact members with the following requests:

• Asking for passwords or personal information to be shared via email or over the phone
• Asking members to click on suspicious links to verify information or confirm membership on platforms other than members.museum.bc.ca
• Asking for payment of fees or any charges through a third-party financial provider other than our existing payment portals through members.museum.bc.ca
• Asking current or former board members or members-at-large to approve financial transfers or transactions

If you are unsure if a communication attempt is truly from the BCMA, contact us! Write a new email (do not respond to the suspicious message you received and do not forward it) and include a screenshot or photo of the initial message, or call and leave us a voicemail. Our contact information is listed at the bottom of our website and a human BCMA team member will get back to you as soon as possible.

The BCMA encourages all members to revisit their personal and organizational cybersecurity practices. In the same way you ensure your insurance policies are up to date and that your building is secure, you should regularly review your virtual presence and the safety of your personal and financial information.

Resources

There are a variety of trusted sources that offer training, support, and resources on how to stay safe and protect yourself, please find a few helpful links below. If you know of other valuable resources, please email us so we can add them to the list.