How to Recognize Phishing Emails: A Guide for Canadian Businesses

Phishing emails are the most common way cybercriminals gain access to business systems. According to the Canadian Centre for Cyber Security, phishing remains the top cyber threat facing Canadian organizations of all sizes.

The good news: phishing is preventable. Employees who know what to look for are your strongest defense.

What Is Phishing?

Phishing is a social engineering attack where criminals send fraudulent messages — typically emails — designed to trick the recipient into:

  • Clicking a malicious link that installs malware or leads to a fake login page
  • Opening a dangerous attachment that compromises their device
  • Revealing sensitive information like passwords, banking details, or personal data
  • Transferring money based on a fraudulent request

Warning Signs to Watch For

Urgency and Pressure

"Your account will be suspended in 24 hours." "Immediate action required." Phishing emails create artificial urgency to prevent you from thinking critically.

Unexpected Requests

A vendor suddenly changing their payment details. Your CEO emailing from a new address asking for a wire transfer. An IT department asking you to verify your password via email. Legitimate organizations rarely make urgent, unexpected requests via email.

Suspicious Sender Details

The display name says "Canada Revenue Agency" but the actual email address is something like cra-notice@gmail.com. Always check the full sender address, not just the display name.

Generic Greetings

"Dear Customer" or "Dear User" instead of your actual name. Legitimate organizations that have a relationship with you typically address you by name.

Poor Formatting

Spelling errors, unusual formatting, low-resolution logos, or inconsistent branding. While some phishing emails are sophisticated, many contain subtle quality issues that reveal their origin.

Suspicious Links

Hover over any link before clicking. If the URL doesn't match the organization it claims to be from — or uses a misspelled domain like canada-gov.net instead of gc.ca — don't click.
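
The sender check and the link check described above can also be automated when triaging a reported message. The following is an added example, not code from this article's authors: the `TRUSTED` allow-list, the names `triage`, `under` and `LinkCollector`, and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: display names staff trust, mapped to domains those senders really use.
TRUSTED = {"canada revenue agency": ("gc.ca",)}
URLISH = re.compile(r"^(?:https?://)?([\w-]+(?:\.[\w-]+)+)(?:[/:?#]\S*)?$")  # text that looks like a URL
SAMPLE = ('From: "Canada Revenue Agency" <cra-notice@gmail.com>\n'  # constructed message, not a real email
          'Content-Type: text/html\n\n<p>Dear Customer, sign in at '
          '<a href="https://canada-gov.net/login">www.gc.ca/refund</a></p>')

def under(host, domain):  # True if host is the domain itself or one of its subdomains
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)  # reset at each <a>, read only at </a>
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw):
    """Return warning strings for one raw single-part HTML email."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    findings, collector = [], LinkCollector()
    domains = TRUSTED.get(name.strip().lower(), ())
    if domains and not any(under(addr.rpartition("@")[2], d) for d in domains):
        findings.append(f"display name {name!r} uses address {addr}")
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        shown = URLISH.match(text)
        try:
            actual = urlparse(href).hostname
        except ValueError:
            actual = None  # malformed href, treated as a mismatch below
        if shown and not under(actual, shown.group(1).lower().removeprefix("www.")):
            findings.append(f"link text shows {shown.group(1)} but href goes to {actual}")
    return findings
```

Calling `triage(SAMPLE)` returns two findings, one for the sender and one for the link. Links whose visible text is ordinary wording rather than a URL are not compared, so this check complements hovering over the link rather than replacing it.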

What to Do If You Receive a Suspicious Email

  1. Don't click any links or open any attachments
  2. Don't reply to the message
  3. Report it to your IT team or manager
  4. Verify the request through a separate channel — call the sender using a known phone number, not one provided in the email
  5. Delete the message after reporting it

Protecting Your Organization

Individual awareness is important, but organizational measures are essential:

  • Regular training — Security awareness training should be ongoing, not a one-time event
  • Phishing simulations — Test employees with realistic (but safe) phishing emails to measure and improve awareness
  • Email filtering — Deploy email security tools that flag or block known phishing patterns
  • DMARC, SPF, and DKIM — These email authentication protocols prevent attackers from spoofing your domain
  • Multi-factor authentication — Even if credentials are stolen through phishing, MFA prevents access

The Canadian Centre for Cyber Security's Baseline Controls address phishing readiness across multiple areas, including Security Awareness (BC.6), Network Security (BC.9), and Authentication (BC.5).

Our free assessment evaluates your organization's defenses across all of these areas.

Report Phishing

If you've received a phishing email, you can report it to the Canadian Anti-Fraud Centre or forward it to the Canadian Centre for Cyber Security.


Cybersecurity Canada is an independent resource and is not affiliated with, endorsed by, or connected to the Canadian Centre for Cyber Security, the Communications Security Establishment, or the Government of Canada.
