Canadian healthcare staff decry ‘cruel hoax’ after scam email promises paid day off

Canadian Healthcare Staff Decry ‘Cruel Hoax’ in Scam Email Promises Paid Day Off

A Deceptive Campaign Sparking Employee Outcry

Canadian healthcare staff decry cruel hoax - In a recent incident, healthcare workers in Newfoundland and Labrador were caught off guard by a scam email that promised a paid day off, only to reveal itself as a phishing test. The email, titled “June Holiday,” was sent from an external domain—re-mailmail.com—and appeared to acknowledge the long hours staff had endured during the implementation of the CorCare digital platform. While the message initially brought relief, its true purpose as a cybersecurity test sparked significant frustration among employees.

The email was designed to mimic a genuine appreciation campaign, praising staff for their dedication to the province’s healthcare system. It urged recipients to click a link to claim their reward, a gesture that resonated with workers who had been denied personal time during the system’s rollout. However, the next day, staff learned the email was a ruse to test their susceptibility to online scams, leaving many feeling manipulated and disrespected.

Union leaders criticized the timing of the test, emphasizing its cruel impact on already overworked employees. “This was not just a test—it was a cruel hoax,” said Jerry Earle, president of the Newfoundland and Labrador Association of Public and Private Employees. “Our members deserved better than to be taunted with the promise of a day off after the incredible amount of work and sacrifice they made to get CorCare up and running.” The email was seen as an unnecessary provocation during a period of high stress and burnout.

“These workers are tired, burned out, and desperate for time off. As the employer, NL Health knows that and chose to exploit that feeling anyway,” added Yvette Coffey, president of the Registered Nurses’ Union Newfoundland and Labrador.

The incident ignited immediate backlash from both staff and labor representatives. Coffey highlighted how the combination of mandatory overtime and denied vacation days had pushed many to the brink. “The stress of long shifts, coupled with the false hope of a well-earned break, led to a wave of resignations during CorCare’s rollout,” she told CBC News. “This test was not only insensitive—it was a slap in the face to people who’ve already given so much.”

Healthcare systems across Canada are increasingly vulnerable to cyber threats, and this event underscored the need for better employee engagement in cybersecurity training. The email’s success in luring staff to click the link demonstrated how easily workers could be misled, especially when their emotional state was already compromised by weeks of grueling work schedules.

Lessons from a Cybersecurity Misstep

While the test aimed to evaluate staff awareness of phishing threats, its execution was perceived as cruel. “It’s one thing to test awareness, but it’s another to do so during a period when people are already overextended,” said Sherry Hillier, president of the CUPE Newfoundland and Labrador. “The province should have known that their employees would take the bait.” The email’s clever design and emotional appeal made it particularly effective, but its timing exacerbated feelings of neglect.

The health board’s interim CEO, Ron Johnson, apologized for the oversight, acknowledging that the test had “missed a mark.” He explained that the initiative was intended to reinforce cybersecurity protocols but admitted the message “was not reflective of how we value our employees.” Despite this, union leaders argued that the apology did little to ease the emotional toll of the prank on workers who had already sacrificed countless hours to support the CorCare system.