Keep your browser and phone updated
Updates fix security bugs. If you avoid updates for months, you’re essentially leaving doors unlocked. Set your phone and browser to update automatically when possible.
Check the domain, not the logo
Scam pages often look perfect. The giveaway is the domain spelling. For important accounts (banking, CRA, email):
- Type the address yourself, or use a saved bookmark.
- Be cautious with links in texts or emails.
- Look for extra words and dashes, like
secure-login-example.com.
What the padlock means (and what it doesn’t)
The padlock (HTTPS) means your connection is encrypted. It does not guarantee the site is “good.” A fake site can still use HTTPS.
If you want an official Canadian overview, start with Get Cyber Safe.
Public Wi‑Fi: a safe way to use it
- Use public Wi‑Fi for reading and browsing, not for first-time logins.
- If you must log in, prefer your phone’s cellular data or a trusted hotspot.
- Turn off auto-join for open networks.
If your home Wi‑Fi is unstable, fix that first: Set up Wi‑Fi at home.
Use a password manager (simple approach)
A password manager helps you avoid reusing passwords. The simple win is: one strong master password, unique passwords everywhere else.
Even without a manager, you can improve quickly by using long passphrases and avoiding reuse across email and banking.
Recovery matters as much as protection
When something goes wrong, you want your photos and documents back fast. That’s why backups are part of security.
Set it up once: A simple backup plan.
If you’re not sure what to do
Don’t rush. Take a screenshot of the page (without sensitive info) and ask a trusted person, or email us with a general description. For official guidance, use Get Cyber Safe and consider DNS protection like CIRA Canadian Shield.