Oops! You have been 'phished'!
Please learn the HALT process as outlined below to protect yourself and learn how to detect the clues.
Whenever you receive any unsolicited electronic message (email, text or social media) with a link or attachment...
HALT!
Before clicking anything.
Hover
With a mouse, hover over links (don't click!) to reveal their true URL paths.
** For mobile devices, a “long-press” then “Copy and Paste” will reveal the true URL.
Analyze
Analyze the content for clues but most importantly take note of the organization it claims to be coming from.
Locate
Locate the root domain in the email address and the true URL path(s).
**They must be legitimate domains used by the real organization it claims to be from.
Test
Test the validity of the request by doing some research. Call the sender with a number sourced independently (not from the email!) or validate the organization’s domains using a search engine.
** This step is especially important for any message with an attachment.
Remember, Always ensure that all domains used are legitimate for the organization the message claims to be coming from AND test the validity of the request with research.
Conclusion: For this simulation the domain link-up.ca is NOT a legitimate domain used by the CSA.