Top 9 tips on safeguarding your business from cybercrime in Canada

8 min read
Anastasia Dvorak

Did you know that nearly 86% of Canadian companies encountered at least one cyberattack between August 2021 and August 2022?

Criminal activity that uses or targets a computer, a computer network, or a networked device is known as cybercrime.

The majority of cybercrime is conducted by hackers or cybercriminals who are after financial gain, but not always. Sometimes cyber criminals are motivated for personal or political reasons.

The maximum sentence for those found guilty of cybercrimes in Canada that violate Section 430(1.1) of the Criminal Code is 10 years in jail. But the punishment can go all the way up to life in jail if the crimes put human life in jeopardy. 

Related: Cyber security a rising concern for entrepreneurs in Canada

How to protect your business from cybercrime in Canada

If you’ve ever wondered how to protect your business from being hacked or infected, here are nine tips that will help you sleep better at night and worry less about potential cyberattacks.  

1. Use longer, hard-to-guess passwords 

For each account in your business, use a different user ID and password combination; do not record them (unless you use a password keeper like the ones below).

Combine letters, numbers, and special characters to make the passwords more challenging (minimum total of 10 characters), and change them frequently.

One trick is to think of a phrase you will remember and construct a password out of the first letter of each word in the phrase.

Sign up for to manage your passwords effectively and securely.  

Person trimming the wick on a candle

2. Secure your computer network

The first line of security is a firewall, which prevents access to your computer(s) by unauthorised or fraudulent websites, as well as some types of viruses and hackers. 

Installing a firewall is particularly important if you have employees working remotely.

You can learn more about how a network firewall works, as well as how to choose and configure one for your small business in this post.

Install anti-virus software on your computer and keep it updated to prevent virus infection. By setting up and maintaining anti-spyware software, you can stop spyware from compromising your computer. 

Related: Small business network security in the age of cyberattacks

3. Spam email attachments should never be opened

Email attachments in spam emails are a common technique for infecting computers by malware attacks and other types of cybercrime. Never open an attachment sent to you by an unknown sender.

4. Beware Wi-Fi networks

If wireless networks at home are not properly secured, they are open to intrusion. Examine and change the default settings to keep outsiders out.

Know that any exchange made over public Wi-Fi could be intercepted.

Public Wi-Fi, popularly known as "Hot Spots," is also prone to attack. Avoid using these networks for business or financial operations.

Do not click that link graphic

Avoid clicking on links in unsolicited emails or on questionable websites. By clicking on links in spam emails, other unsolicited messages, or unknown websites, you can become vulnerable to cybercrime.

Really curious about that link? Hover over it without clicking, then check the displayed URL for anything that looks suspicious – misspelled words, etc. If anything looks off, don’t click.

Never respond to emails, texts or calls asking you to share your password, user ID, or other personal information. Only a thief or scammer would ask for this.

6. Protect your online identity

Social media profiles can be used by hackers to discover your passwords and the answers to the security questions in the password reset tools.

Set your privacy settings to a high level and refrain from sharing details such as birthdays, addresses, your mother's maiden name, etc.

Be wary of invitations to engage with strangers.

When disclosing private information online, such as your name, address, phone number, or financial information, exercise caution.

When using social networking sites or shopping online, for example, check that the website is secure and that privacy settings are enabled. 

As a rule, it is not safe to complete any transaction in which you submit private information while using public Wi-Fi.

7. Make the appropriate call for help

Woman talking on the phone

Stay calm. Inform your local authorities if you:

  • Believe you are a victim
  • Come across any illicit internet content (such as child exploitation)
  • Suspect a computer crime, identity theft or a business scam

Consult your service provider or a licenced computer technician if you require assistance with computer issues. 

Editor’s note: With GoDaddy’s all in one website security tool, security experts are always just a call away. Website Security comes with a firewall, automatic backups, an SSL Certificate and a malware scanner. The Standard plan includes one website cleanup per year, while the Advanced and Premium plans include unlimited cleanups.

8. Use a trusted domain registrar and website host

As a result of spam emails or other harmful activities, a cPanel hack may result in client domains or the IP address of the server itself being banned. Your company may suffer considerable financial and reputational losses as a result of potential search engine penalties against compromised domains.  

It can take a while to remove a website from the blacklist.

The best course of action is to consider security in advance, before an attack takes place.

That’s why it’s a good idea to go with a reputable host such as GoDaddy when you are considering your domain and hosting options.  

Get step-by-step instructions on how to recover from a cPanel hack here. Note that the first suggestion is to restore your website from a backup.

Editor’s note: For a monthly cost that’s less than of a cup of coffee, you can foil hackers and restore your website anytime with a single click. Daily backups from GoDaddy.

9. Watch what you post on social media

Person looking at Instagram in their phone

Sharing positive news on social media is natural, but you should exercise caution when doing so. The next time you upload a photo, be sure there isn't even a hint of personal information in it.

People often use the geolocation tags in most social media apps to show their exact location. If the setting is left on, updating your status from the couch could reveal your address to the entire globe.

Your address could be one of the crucial pieces of financial information used by identity fraudsters to potentially verify and steal your identity.

Before publishing on social media, learn how to disable geolocation on all of your apps. 

Related: Why is my website displaying a Not Secure warning?

What common types of cybercrime are there in Canada? 

Many different types of cybercrime exist in Canada, but some of the most prevalent ones are as follows, as per the Comparitech blog:  

Phishing scams

These involve phoney emails or websites that are intended to fool people into providing personal information such as bank account information, credit card numbers or passwords. 

Identity theft

This happens when someone makes fraudulent or other illegal use of your personal information without your consent. 


Hackers behind ransomware threaten to publish or prevent access to your data or a computer system, typically by encrypting it, unless you pay a ransom price.

The ransom demand frequently includes a deadline.

If the victim doesn't make a timely payment, the data is permanently lost, or the ransom price rises. 


This is when someone is harassed, threatened, or intimidated online or through technological methods. 

DoS attacks

Denial of service attacks (DoS) take place when someone or something tries to overwhelm a server or website with requests, rendering it unavailable to other users. 

Cybercrime may be here to stay 

Cybercrime is an important issue that directly affects Canadian businesses. Businesses possess a wealth of data worth stealing, including:

Companies must take care to protect and adhere to current standards when handling both their own and customers' data.

According to Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), business owners must protect personal information of their customers using security measures proportional to the sensitivity of the information.

A security lapse that allows the leakage of consumer data may result in monetary loss. In addition, it may also result in a decline in client loyalty, confidence, and brand reputation.

All businesses should be open and honest about how they gather, use, and share the data of their customers. They also need to put in place the necessary cyber security, risk management, and security technology in order to protect data.